research

• Bug discovery diaries: Abusing VoIPmonitor for Remote Code Execution

  Published Mar 16, 2021

• Details about CVE-2020-26262, bypass of Coturn's default access control protection

  Published Jan 11, 2021

• Jitsi Meet on Docker default passwords - how bad is it, how to detect and fix it

  Published Apr 20, 2020

• How we abused Slack's TURN servers to gain access to internal services

  Published Apr 6, 2020

• Surf Jack - HTTPS will not save you

  Published Aug 11, 2008