Guido Vranken



Recent Posts

Life As A Professional Hacker

Last month Guido Vranken hosted a successful Reddit AMA, sharing insight on his experience as a professional vulnerability researcher. Top questions from Reddit included what advice he had for someone looking to make money from vulnerability research, his process for hacking, and what advice he had specifically for someone heading off to..

Read More

Uncovering Memory Defects in cereal (CVE-2020-11104 & CVE-2020-11105)

Introduction

Deserialization of untrusted input is a common attack vector, making both the MITRE top-25 most dangerous software errors. Even without an attacker, mistakes in serialization or deserialization decrease the reliability of your code.  

Read More

Uncovering OpenWRT remote code execution (CVE-2020-7982)

Introduction

For ForAllSecure, I’ve been focusing on finding bugs in OpenWRT using their Mayhem software. My research on OpenWRT has been a combination of writing custom harnesses, running binaries of the box without recompilation, and manual inspection of code.

Read More

Stay Connected

Information Management Today

Subscribe to updates