Dennis Mantz
@dennismantz
Followers
486
Following
112
Media
15
Statuses
181
IT Security - CTF - Bluetooth - Software Defined Radio - Call Sign: DM4NTZ - @[email protected]
Joined September 2014
It's awesome to see InternalBlue developed into such a useful tool/project! This was definitely the intention but I wouldn't have imagined that it worked so well.
We released InternalBlue in 2019. It helps discovering otherwise hidden bugs in the Bluetooth specification and implementations. Consider releasing your tools, it might be a game changer!.
0
2
12
RT @Enno_Insinuator: Vulnerability Analysis of Endpoint Management & Monitoring Solutions, from @ERNW_ITSec .[PDF]….
0
8
0
RT @Insinuator: New blog post: Whitepaper Endpoint Management & Monitoring Solutions Released
insinuator.net
Over the course of the last 2 years we performed vulnerability research on several Endpoint Management & Monitoring Solutions. The results were already partially presented in security advisories...
0
11
0
0
7
0
RT @heckpiet: A Vulnerability Analysis of Endpoint Management & Monitoring Solutions #TROOPERS22
0
1
0
RT @Regiteric: Dennis Mantz and Fabian Ullrich did an impressive talk at #troopers22 showing results of their study on security of endpoint….
0
5
0
RT @clou42: @Insinuator CVE identifiers are now in, Brodcom published a corresponding Security Notice at The Blog….
support.broadcom.com
0
5
0
RT @ttdennis: I wrote something about Bluetooth Low Energy passkeys, their validity, the SMP protocol, and how fun it is to brute-force the….
0
6
0
RT @ttdennis: Here it is. ToothPicker. The tool we developed to fuzz the iOS Bluetooth stack (a quite “interesting” fuzzing target), which….
github.com
Contribute to seemoo-lab/toothpicker development by creating an account on GitHub.
0
90
0
RT @Insinuator: New blog post: Security Advisories for Nagios XI
insinuator.net
In June 2020 we reported three vulnerabilities in Nagios XI 5.7.1 to the vendor. The following CVE IDs were assigned to the issues : CVE-2020-15901: Command Injection in Nagios XI web interface...
0
5
0
RT @Insinuator: Blog post edited: Security Advisories for Ivanti DSM Suite
insinuator.net
From the end of 2019 on, we reported two critical vulnerabilities in the Ivanti DSM Suite to the vendor. The following CVE IDs were assigned to the issues (but note that they have a status of...
0
8
0
Wow this sounds amazing! Could very well be a game changer for mobile SDR apps. I will definitely play around with this. When I was developing RF Analyzer a few years ago, 'GNU Radio on Android' was considered impossible or at least a lot of hard work xD.
My GNU Radio toolchain for Android is now on GitHub. It's a big puzzle and I guess there are several rough edges, but if you want to give it a try:.
0
3
8
Great writeup about a recent Android over-the-air Bluetooth RCE vuln by my colleague Jan (@bolek42 )!.
New blog post: CVE-2020-0022 an Android 8.0-9.0 Bluetooth Zero-Click RCE – BlueFrag
0
2
1
Recon 2019 recordings are online! Here's the link to the talk about InternalBlue and Bluetooth Firmware reversing by @jiska___ and me: Thanks again to the organizers, I enjoyed the conference and the trip to Montreal a lot!.
0
2
7
RT @Insinuator: New blog post: TROOPERS20 Training Teaser: Windows & Linux Binary Exploitation
insinuator.net
We are happy to announce that TROOPERS20 will feature the 5th anniversary of the popular Windows & Linux Binary Exploitation workshop! In this workshop, attendees will learn how to exploit those...
0
8
0
30 minutes to our talk at @kawaiiconNZ (together with @lod108 ). We also released our frida-based fuzzer to GitHub:
github.com
Frida-based general purpose fuzzer. Contribute to demantz/frizzer development by creating an account on GitHub.
0
6
18