Research

Conferences:

Speaker at: Defcamp , Romania - "SCADA Software or Swiss Cheese Software?"

Speaker at: CODE BLUE 2014 , Japan - "SCADA Software or Swiss Cheese Software?"

Speaker at: IstSec 2011 , Istanbul - "The new target of hackers: Smartphones!"

Speaker at: Swiss Cyber Storm 3 , Switzerland - "Bug Hunting in Windows Mobile and Mobile Malwares"

Speaker at: CONFidence 2010 , Poland - "Analysis of Software Vulnerabilities"

Speaker at: AnkaSec 2010 , Turkey - "Threats on Your Smart Phone (WinCE and Symbian)"

List of the public vulnerabilities which were discovered by me:

Schneider Electric IGSS Scada Memory Corruption || US-CERT

Invensys WonderWare Scada Buffer Overflow|| US-CERT

CODESYS SCADA Buffer Overflow|| US-CERT

HTC Touch2 Media Player Memory Corruption || SecurityFocus

Adobe Shockwave Player Memory Corruption || SecurityFocus

Microsoft Windows Mobile Double Free Vulnerability || SecurityFocus || SecurityArchitect-009

AOL 9.5 File Parsing Heap Overflow Vulnerability || SecurityFocus || SecurityArchitect-007

AOL 9.5 ActiveX Heap Overflow Vulnerability || IBM-ISS || SecurityArchitect-006

Novell eDirectory Login Buffer Overflow Vulnerability || SecurityFocus || SecurityArchitect-004

Novell eDirectory Dhost Buffer Overflow Vulnerability || SecurityFocus || SecurityArchitect-003

Novell eDirectory Denial of Service Vulnerability || SecurityFocus || SecurityArchitect-002

Codes:

DarbeliMatkap Network PCAP Fuzzer darbelimatkap-github

Windows Mobile (WinCE) Dialer/PhoneCall Shellcode - ph.cpp

Windows Mobile (WinCE) MessageBox Shellcode - he.cpp

Novell eDirectory HTTPSTK PoC - httpstk.pl

Novell eDirectory Dhost Exploit - dhost.pl

Win32 Shellcode (Cmd.exe) Winxp sp3 english - cmdshell.c

Win32 Shellcode (Cmd.exe) Winxp sp2 turkish- cmdshelltr.c