Skip to main content



Matasano Domain S3 Takeover

Readers will recall Matasano Security as the company co-founded by Thomas Ptacek, Dave Goldsmith and Jeremy Rauch.  The industry history behind the founding of @stake, the acquisition by Symantec and later formation of iSEC Partners and Matasano Security is rich and a worthy reading endeavor, but I digress. It's been quite a few years since the 2012 acquisition of Matasano Security by NCC Group.  While I'm unsure of who is maintaining what these days, both cryptopals and microcorruption , exercises originally developed and maintained by Matasano Security, are still hosted and actively in use. In fact, I was just watching Dave Aitel solve some of these challenges live and noticed something interesting.  There was a link to the careers page of Matasano Security on  which returned this gem. Looks as if NCC Group has lost track of their web property.  They are still the owner of the domain via whois but it appears the s3 bucket that was backing m

Latest Posts

ROP Emporium ~ Pwning MIPS

HeapLAB Review - GLIBC Heap Exploitation with Max Kamper

Know Your [roots]#

antMan Authentication Bypass