Research - thinkst.com

thinkst : Research

blog
about
services
research
contact-us
thinkstscapes
tools & development

Research Overview

Thinkst analysts have contributed to tools, papers, presentations, blog-posts and books for the past 10 years.

Thinkst was formed specifically to bridge the gap between "research" and the "real-world", hence, Thinkst Applied Research.

Applied Research: Accessing and using some part of the research communities' accumulated theories, knowledge, methods, and techniques, for a specific, often state, commercial, or client driven purpose. - Wikipedia

Research.. It's not just what we do, its who we are..

Research History

The following contributions were made by thinkst analysts during their previous employment:

Books

Special Ops: Host and Network Security for Microsoft, UNIX, and Oracle | ISBN: 1931836698
Nessus Network Auditing | ISBN: 1931836086
Aggressive Network Self-Defense | ISBN: 1931836205
Stealing the Network | ISBN: 1931836051
Penetration Testers Open Source Toolkit | ISBN: 1597490210i
SQL Injection Attacks and Defense | ISBN: 1597494240

Presentations & Papers

2011 - 44Con - Penetration Testing Considered Harmful Today [Slides|Video]
2011 - Paper - On-screen Keyboards Considered Harmful [Paper]
2011 - ZaCon2/ITWeb - Fig Leaf Security [Slides|Video]
2010 - BlackHat USA - Memory Corruption Attacks: The (almost) Complete History [Paper|Slides-1|Slides-2 (prezi)]
2010 - CCDCOE - Conference on Cyber Conflict - Why your threat model is probably wrong [Presentation]
2009 - BlackHat USA - Clobbering the Cloud [Presentation|Video]
2009 - ISSA - An examination of the Generic Exploit Prevention Mechanisms on Apple's Leopard Operating System [Paper]
2009 - ITWeb Security Summit - One bad Apple
2008 - BlackHat USA - Pushing the Camel through the Eye of the Needle [Presentation|Video]
2008 - ITWeb Security Summit - When the Rubber hits the Road - Mobile Insecurity
2007 - BlackHat USA - It's all about the Timing [Paper|Presentation|Video]
2007 - ITWeb Security Summit - Drawing Blood from a Stone [Presentation]
2007 - ITWeb Security Summit - Thats Really not the Point [Presentation]
2006 - BlackHat USA - A Tale of Two Proxies [Presentation|Video]
2006 - ITWeb Security Summit - Truth or Scare
2006 - ISSA - When good code goes bad! [Presentation]
2006 - IDC IT Security Roadshow - The difference between a Duck
2005 - RECon - Web Application Hacking
2004 - BlackHat USA - When the Tables Turn [Paper|Presentation|Video]
2004 - Microsoft Tech-Ed - Common Attack Vectors and Protection in IIS6
2003 - ISSA - Hacking Web Applications [Paper]
2002 - BlackHat USA - Setiri - Advances in Trojan Technology [Paper|Presentation]

* All [Video] links are external