[ Home ] [ Services ] [ Blog ] [ Publications ] [ About ]   

Z-Labs is small company focused on offensive side of computer security. Z-Labs offers cutting-edge penetration testing services and conducts independent security research and development

January 25, 2018

Recently I've found multiple memory corruptions issues in Artifex MuPDF ver. 1.12.0. More details about this discovery can be found in my advisory.

August 23, 2017

On 12th July I've passed my GXPN certification exam and just recently received my certificate from SANS.

August 21, 2017

I've migrated to the new PGP key with id 0xC0EE0613CA05BB39. Please see my transistion statement for details.

October 10, 2016

I've published my linux-exploit-suggester.sh tool on github.

September 26, 2016

Recently I've passed OSCP examination and received my certificate from Offensive Security.

December 14, 2015

I've contributed two NSE scripts to Nmap Security Scanner: script for detecting & exploiting CVE-2014-3704 and script for detecting & exploiting CVE-2014-8877.

November 12, 2015

I've written exploit for CVE-2014-3704 vulnerability.

July 20, 2015

I've updated OWASP Top Ten Cheat Sheet. Now it is conformant with OWASP Top Ten Project and it references to latest version (4.0) of OWASP Testing Guide.

May 5, 2015

While continuing my research on various SSH protocol implementations I've found another issue this time in libssh library. CVE-2015-3146 name has been assigned to it.

April 12, 2015

Here one can find details about vulnerability I've discovered in libssh2 project. CVE-2015-1782 name has been assigned to this issue.

March 28, 2015

Recently I've completed Cryptography course from Stanford University offered via Coursera. Here's my Statement of Accomplishment.

March 15, 2015

During my first experiments with afl fuzzer I found stack exhaustion issue in PDFium (PDF rendering engine used by Chrome browser).

July 20, 2014

Published my libxploit library and pick tool on github.

May 1, 2014

On 11th March I've passed my CISSP examination and today I've officially received CISSP designation.

September 26, 2013

I've written little patch that allows Nmap to detect SSL certificates used by APT1 threat actor.

copyright (c) 2005-2019 Mariusz Ziulek