theme image

hacking

hacking
profile
Attacking encrypted USB keys the hard(ware) way
hacking

Attacking encrypted USB keys the hard(ware) way

Black Hat USA 2017

Bad beat: practical attacks against poker cheating devices
hacking

Bad beat: practical attacks against poker cheating devices

Mar 2017

Royal flush: an in-depth look at poker cheating devices accessories
hacking

Royal flush: an in-depth look at poker cheating devices accessories

Nov 2016

Full(er) House: Exposing high-end poker cheating devices
hacking

Full(er) House: Exposing high-end poker cheating devices

Oct 2016

I am a legend hacking hearthstone using statistical learning methods
video game

I am a legend hacking hearthstone using statistical learning methods

CIG 2016

Predicting Hearthstone game outcome with machine learning
video game

Predicting Hearthstone game outcome with machine learning

Oct 2016

Cheating at poker - James Bond Style
hacking

Cheating at poker - James Bond Style

Defcon 2016

Does dropping usb drives really work?
hacking

Does dropping usb drives really work?

Black Hat 2016

What are malicious usb keys and how to create a realistic one?
hacking

What are malicious usb keys and how to create a realistic one?

Aug 2016

Concerns about usb security are real: 48% of people do plug-in usb drives found in parking lots
hacking

Concerns about usb security are real: 48% of people do plug-in usb drives found in parking lots

Apr 2016

The dark side of online poker or the commoditization and weaponization of big data and espionage
hacking

The dark side of online poker or the commoditization and weaponization of big data and espionage

Feb 2016

What tools do the fbi use when seizing computers or the curious case of the mouse jiggler device
hacking

What tools do the fbi use when seizing computers or the curious case of the mouse jiggler device

Jan 2016

Understanding how tls downgrade attacks prevent email encryption
network security

Understanding how tls downgrade attacks prevent email encryption

Dec 2015

I am a legend: Hacking Hearthstone with machine-learning Defcon talk wrap-up
video game

I am a legend: Hacking Hearthstone with machine-learning Defcon talk wrap-up

Sep 2014

The end is nigh: generic solving of text-based captchas
web security

The end is nigh: generic solving of text-based captchas

WOOT 2014

Predicting a Hearthstone opponent’s deck using machine learning
video game

Predicting a Hearthstone opponent’s deck using machine learning

Aug 2014

Pricing hearthstone cards with unique abilities: VanCleef and The Twilight Drake
video game

Pricing hearthstone cards with unique abilities: VanCleef and The Twilight Drake

Aug 2014

I am a legend: hacking hearthstone with machine learning
video game

I am a legend: hacking hearthstone with machine learning

Defcon 2014

How to find undervalued Hearthstone cards automatically
video game

How to find undervalued Hearthstone cards automatically

Jul 2014

Fuzzing online games
video game

Fuzzing online games

Defcon 2012

The Art of Breaking and Designing CAPTCHAS
web security

The Art of Breaking and Designing CAPTCHAS

RSA 2012

How we broke the nucaptcha video scheme and what we propose to fix it
web security

How we broke the nucaptcha video scheme and what we propose to fix it

Feb 2012

Text-based captcha strengths and weaknesses
web security

Text-based captcha strengths and weaknesses

CCS 2011

Towards secure embedded web interfaces
web security

Towards secure embedded web interfaces

Usenix Security 2011

Beyond files recovery owade cloud-based forensic
hacking

Beyond files recovery owade cloud-based forensic

Black hat 2011

Tracking users that block cookies with a http redirect
web security

Tracking users that block cookies with a http redirect

Jul 2011

Openconflict preventing real time map hacks in online games
video game

Openconflict preventing real time map hacks in online games

S&P 2011

The failure of noise-based non-continuous audio captchas
web security

The failure of noise-based non-continuous audio captchas

S&P 2011

Identifying internet explorer user with a smb query
hacking

Identifying internet explorer user with a smb query

Aug 2010

An analysis of private browsing modes in modern browsers
privacy

An analysis of private browsing modes in modern browsers

Usenix Security 2010

Framing attacks on smartphones and dumb routers: social sites tap-jacking and geo-localization attacks
hacking

Framing attacks on smartphones and dumb routers: social sites tap-jacking and geo-localization attacks

WOOT 2010

Recovering windows secrets and efs certificates offline
hacking

Recovering windows secrets and efs certificates offline

WOOT 2010

Kartograph
video game

Kartograph

Defcon 2010

Bad memories
hacking

Bad memories

Black Hat & Defcon 2010

The emergence of cross channel scripting
web security

The emergence of cross channel scripting

CACM 2010

Busting frame busting a study of clickjacking vulnerabilities on popular sites
web security

Busting frame busting a study of clickjacking vulnerabilities on popular sites

W2SP 2010

Reversing dpapi and stealing windows secrets offline
security

Reversing dpapi and stealing windows secrets offline

Black Hat DC 2010

Xcs cross channel scripting and its impact on web applications
web security

Xcs cross channel scripting and its impact on web applications

CCS 2009

Decaptcha breaking 75% of ebay audio captchas
web security

Decaptcha breaking 75% of ebay audio captchas

WOOT 2009

Embedded management interfaces emerging massive insecurity
hacking

Embedded management interfaces emerging massive insecurity

Black Hat 2009

newsletter signup slide

Get cutting edge research directly in your inbox.

newsletter signup slide

Get cutting edge research directly in your inbox.