|
Date |
Title / Description |
|
1994 |
Vulnerability: Bypass for Windows 3.11 backup password protection (released at a long forgotten BBS) |
|
1996 |
Tool: Proof-of-Concept UNIX backdoor / remote access tool (RAT) with string obfuscation, portable user-space process hiding, support for ICMP tunneling, https://github.com/vanhauser-thc/THC-Archive/ |
|
1997 |
Vulnerability in Solaris 10 packet-filter SunScreen, allows to bypass the firewall after flooding it with TCP fragments, unpublished |
|
1997 / 1998 |
Paper/Article: Fun paper about how to become a “hacker”, https://github.com/vanhauser-thc/THC-Archive/ |
|
1998 |
Tool: ACK scanning, new scanning technique for analyzing in- and out-rules of stateless packet-filters, proof-of-concept tool, https://github.com/thomasbiege/code/tree/master/assitch |
|
1999 |
Vulnerability: Found the probably first, and at this time unknown, XSS vulnerability while auditing an inhouse java banking software, unpublished |
|
1999-2000 |
Vulnerability: Patched wu-ftpd to make it the most secure FTP daemon at this time. The software was even not vulnerable to “format string” bugs, a bug category unknown at this time. |
|
2001 |
CAN-2001-0935, Vulnerability in wu-ftpd 2.6.0, and possibly earlier versions, which is unrelated to the ftpglob bug described in CAN-2001-0550, http://www.suse.de/de/support/security/2001_043_wuftpd_txt.html |
|
2001-04-01 |
Paper/Article: Intrusion Detection Systeme - Ein Überblick |
|
2001-04-20 |
CAN-2001, hylafax local root, format string bug, https://static.lwn.net/2001/0426/a/suse-hylafax.php3 |
|
2001-09-05 |
Paper/Article: Sicherheitsrelevante Programmierfehler, paper |
|
2001 to 2010 |
Course/Training: Secure Unix Programing, https://github.com/thomasbiege/slides/tree/master/Secure%20Programming |
|
2002-10-07 |
CAN-2002-1050, various vulnerabilities in hylafax, https://lwn.net/Articles/11945/ |
|
2002-12-17 |
Diploma Thesis: Modulares System zur Erstellung von flexiblen Intrusion-Detection und Countermeasure Umgebungen (M-ICE), https://github.com/thomasbiege/papers/tree/master/Diplomarbeit |
|
2003-08-14 |
Cited at/in: Book: Security Engineering with Patterns; M. Schuhmacher, https://doi.org/10.1007/b11930 |
|
2004 |
Tool: Forensic tool to extract JPEGs from broken images |
|
2004-03-08 |
Cited at/in: Diploma Thesis: Maschinelles Lernen in hostbasierten Intrusion-Detection-Systemen; K. Rieck, http://user.informatik.uni-goettingen.de/~krieck/docs/2004-diplom.pdf |
|
2004-05-17 |
CVE-2004-0745, shell meta character command execution vulnerability in all versions of lha, https://www.vuxml.org/freebsd/273cc1a3-0d6b-11d9-8a8a-000c41e2cdad.html |
|
2005 to 2011 |
Steering committee SIDAR / DIMVA conference, https://fg-sidar.gi.de |
|
2005-08-25 |
Tool: RADUIS Fuzzer, https://github.com/thomasbiege/code/tree/master/fuzz-radius |
|
2005-08-05 |
Tool: OpenOffice XML Document Fuzzer, https://github.com/thomasbiege/code |
|
2005-11-22 |
CVE-2005-3531, fusermount in FUSE before 2.4.1, if installed setuid root, allows local users to corrupt /etc/mtab and possibly modify mount options by performing a mount over a directory whose name contains certain special characters, https://nvd.nist.gov/vuln/detail/CVE-2005-3531 |
|
2006 |
Cited in/at: Book Linux Unix Programmierung |
|
2006-11-06 |
Paper/Article: Analysis of a strong Pseudo Random Number Generator by anatomizing Linux' Random Number Device |
|
2006-12-28 |
Talk: 23c3 Chaos Computer Congress, Analysis of a strong Random Number Generator, https://media.ccc.de/v/23C3-1420-en-strong_random_number_generator |
|
2006 / 2007 |
Talk: OpenOffice - The Attack-Vector of the Future? https://github.com/thomasbiege/slides/blob/master/OpenOffice-Security.pdf |
|
2007-08-09 |
CVE-2007-6246, Adobe Flash Player does not correctly set memory permissions, https://nvd.nist.gov/vuln/detail/CVE-2007-6246 |
|
2008-07-16 |
CVE-2008-1637, pdns-recursor, discovered that the upstream fix for the weak random number generator released in DSA-1544-1 was incomplete, https://vulners.com/debian/DEBIAN:DSA-1544-2:883AA |
|
2008-11-05 |
CVE-2008-5030, libcdaudio buffer overflow, https://www.openwall.com/lists/oss-security/2008/11/05/1 |
|
2009-04-09 |
Cited in/at: Buch: Die Kunst der digitalen Selbstverteidigung, ISBN: 3936546592 |
|
2009-10-13 |
CVE-2009-3692, A shell metacharacter injection in popen() and a possible buffer overflow in strncpy() in the VBoxNetAdpCtl configuration tool., https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3692 |
|
2009-11-16 |
CVE-2009-3940, An unspecified vulnerability in VirtualBox Guest Additions allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors., https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3940 |
|
2009-11-24 |
CVE-2009-1142, Open-vm-tools are vulnerable to Access Restriction Bypass when local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled, https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1142 |
|
2010-01-12 |
CVE-2009-4605, phpMyAdmin used the unserialize() PHP function on potentially unsafe data in setup script, what could be potentially used for XSRF attack, which can lead to code execution., https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4605 |
|
2010-01-19 |
Tool: Scan Ruby on Rails (RoR) code for simple security vulnerabilities. https://github.com/thomasbiege/code/tree/master/ror-sec-scanner |
|
2010-11-17 |
CVE-2010-4159, Mono DLL side-loading, https://nvd.nist.gov/vuln/detail/CVE-2010-4159 |
|
2010 to 2012 |
Course/Training: Web-Security Basics https://github.com/thomasbiege/slides/tree/master/Web-Security%20Basics |
|
2011-01-12 |
Tool: Released OWASP test-suite, https://thetoms-random-thoughts.blogspot.com/2011/01/tool-owasp-test-suite.html |
|
2011-03-10 |
Vulnerability: Comdirect Bank did TAN handling wrong, https://thetoms-random-thoughts.blogspot.com/2011/03/comdirect-bank-tan-handling.html |
|
2011-11-17 |
Talk: Secure Application Development (SAD) 4. German OWASP Day, No reason to be SAD - OWASP Foundation, https://owasp.org › www-pdf-archive |
|
2012-06-05 |
CVE-2012-2144, Session fixation vulnerability in OpenStack Dashboard (Horizon) allows remote attackers to hijack web sessions via the sessionid cookie., https://nvd.nist.gov/vuln/detail/cve-2012-2144 |
|
2012-09-02 |
Paper/Article: How we secured the Cloud, https://thetoms-random-thoughts.blogspot.com/2012/09/suse-cloud-how-we-secured-cloud.html |
|
2012-09-05 |
CVE-2012-3540, Open redirect vulnerability in views/auth_forms.py in OpenStack Dashboard, https://nvd.nist.gov/vuln/detail/CVE-2012-3540 |
|
2012-10 |
CVE-2012, Oracle Critical Patch Update Advisory, https://www.oracle.com/security-alerts/cpuoct2012.html |
|
2013-04-19 |
Cited in/at: Network Attack lnjection, https://www.yumpu.com/en/document/view/12966721/network-attack-injection-engenharia-informatica-e-tecnologias-da- |
|
2014-02-05 |
Cited in/at: Blog post from DJ Bernstein mentions my PRNG paper from 2006, http://blog.cr.yp.to/20140205-entropy.html |
|
2017-08-03 |
Vulnerability: Sparda Bank vulnerable to “sslstrip” attack during login. |
|
2021-02-16 |
Paper/Article: Cyber Defense in highly regulated Markets, https://cyber-defense-center.blogspot.com/2021/02/release-1-cyber-defense-in-highly.html |
|
2021-02-23 |
Paper/Article: A basic Cyber Defense Center model, https://cyber-defense-center.blogspot.com/2021/02/release-2-basic-cdc-model.html |
|
2021-03 |
Paper/Article: Cyber Defense: Terminology, Frameworks and Standards - Part 1 & 2, https://cyber-defense-center.blogspot.com/2021/03/release-3-terminology-frameworks-and.html https://cyber-defense-center.blogspot.com/2021/03/release-4-terminology-frameworks-and.html |
|
2021-03-16 |
Paper/Article: Regulatory Requirements and Cyber Defense, https://cyber-defense-center.blogspot.com/2021/03/release-5-regulatory-requirements-and.html |
|
2021-03-30 |
Paper/Article: Building a Security Awareness Program that just fits, https://cyber-defense-center.blogspot.com/2021/03/building-security-awareness-program.html |
|
2021-04-05 |
Paper/Article: Geographic analysis of Facebook dataleak (scraped data) found at an underground forum, https://cyber-defense-center.blogspot.com/2021/04/facebook-some-numbers-of-leaked-data.html |
|
2022-05 |
Hunt: Report about hunting a cybergang, unpublished, report handed over to law enforcement |
|
2022-07 |
Talk: Troopers22 Conference, Building a Cyber Defense Center in a highly regulated Environment, https://troopers.de/troopers22/talks/twlpzb/ https://github.com/thomasbiege/slides/blob/master/Troopers22_Building-CDC_v4_1.pdf |
|
2023-02-24 |
Paper/Article: Cybersecurity als Herausforderung für die Kommunen, https://issuu.com/vlk-nrw/docs/kopo0123 |
|
2024 April |
Podcast: Im Fokus der Regulierung: IT-Sicherheit in hoch regulierten Branchen,Wolfshoehle podcast |
|
2024 August |
Podcast: Cyber Crime - Phishing as a Service,Wolfshoehle podcast |