Research

It's not what we do, it's who we are

Research Overview

Thinkst analysts have been publishing proof-of-concept tools, papers and presentations for nearly a decade and a half. Our contributions have been published in books, covered in the press & cited in academia on a wide range of topics. Our staff are recognised the world over for innovative work that advances the state of the art.

Presentations and Papers

  • 2015
    BlackHat Europe 2015 - Keynote
  • 2015
    BlackHat 2015 - Bring back the Honeypots
  • 2015
    Troopers15 - The hard thing about the Hard Things
  • 2014
    Hack in the Box - Weapons of Mass Distraction - Sock Puppetry for Fun & Profit
  • 2014
    Navixia - Ignore the Politics: Lessons from the Snowden Affair
  • 2014
    ITWeb Security - What the Snowden Affair means for South Africa
  • 2013
    Acumen - Your company's security posture is probably horrible (but it might be OK)
  • 2013
    44Con - A talk about (InfoSec) talks
  • 2013
    BlackHat - 2013 - The Year in Review
  • 2012
    SecData - What should be keeping you up at night
  • 2012
    ITWeb Security Summit - The things we don't say
  • 2011
    BruCon / Hack in the Box / Troopers - You & Your Research
  • 2011
    44Con - Penetration Testing Considered Harmful Today
  • 2011
    Paper - On-screen Keyboards Considered Harmful
  • 2011
    ZaCon2/ITWeb - Fig Leaf Security
  • 2010
    BlackHat USA - Memory Corruption Attacks: The (almost) Complete History
  • 2010
    CCDCOE - Conference on Cyber Conflict - Why your threat model is probably wrong
  • 2009
    BlackHat USA - Clobbering the Cloud
  • 2009
    ISSA - An examination of the Generic Exploit Prevention Mechanisms on Apples Leopard Operating System
  • 2009
    ITWeb Security Summit - One bad Apple
  • 2008
    BlackHat USA - Pushing the Camel through the Eye of the Needle
  • 2008
    ITWeb Security Summit - When the Rubber hits the Road - Mobile Insecurity
  • 2007
    BlackHat USA - Its all about the Timing
  • 2007
    ITWeb Security Summit - Drawing Blood from a Stone
  • 2007
    ITWeb Security Summit - Thats Really not the Point
  • 2006
    BlackHat USA - A Tale of Two Proxies
  • 2006
    ITWeb Security Summit - Truth or Scare
  • 2006
    ISSA - When good code goes bad!
  • 2006
    IDC IT Security Roadshow - The difference between a Duck
  • 2005
    RECon - Web Application Hacking
  • 2004
    BlackHat USA - When the Tables Turn
  • 2004
    Microsoft Tech-Ed - Common Attack Vectors and Protection in IIS6
  • 2003
    ISSA - Hacking Web Applications
  • 2002
    BlackHat USA - Setiri - Advances in Trojan Technology

Books

  • Special OPS Host and Network security for Microsoft, UNIX and Oracle
    ISBN: 1931836698

    Special OPS Host and Network security for Microsoft, UNIX and Oracle

  • Stealing the Network
    ISBN: 1931836051

    Stealing the Network

  • Nessus Network Auditing
    ISBN: 1931836086

    Nessus Network Auditing

  • Penetration Testers Open Source Toolkit
    ISBN: 1597490210i

    Penetration Testers Open Source Toolkit

  • Aggressive Network Self-Defense
    ISBN: 1931836205

    Aggressive Network Self-Defense

  • SQL Injection Attacks and Defense
    ISBN: 1597494240

    SQL Injection Attacks and Defense

Skunkworks Software

Some things we have to build, even if it's just for us.

  • hacker folklore

    An interactive timeline covering the history of memory corruption vulnerabilities

  • Conference Collector

    A constantly updated, searchable collection of security talks, conferences and researchers

  • News Bubbles

    Interactive wall art merging social media traffic, news and human interaction using the Micrsoft Kinect. (Click the thumbnail to see it in action)

Close