You are at the archive for the Learning Material Category:

Why an outdated Java Plugin is so serious

Recently, Mozilla responded to an imminent threat to Firefox users who have an outdated Java plugin installed: Vulnerable versions of the plugin were blocked automatically (see blog post). Since then, I’ve been asked a few times why this is important; others have complained that their <any large number> corporate/government installations don’t work anymore because they […]

ADBFuzz – A Fuzz Testing Harness for Firefox Mobile

Fuzz testing (automated, random testing) is an important part of nearly every application security life cycle. While there are a lot of tools, frameworks and harnesses available for regular desktop platforms/operating systems, there’s still a lot missing in the mobile sector which is becoming increasingly important. In this article, I will describe the necessary implementation […]

Mozilla CTF – Challenge 15 Walkthrough

Recently, Mozilla held a CTF (Capture the Flag) contest where teams had to solve a set of challenges from different areas of security. I was asked to create one of these challenges (CH15) and decided to use a real (old) Firefox JS engine vulnerability for that purpose.

This blog is protected by Dave\'s Spam Karma 2: 33649 Spams eaten and counting...