vedam

You'll find the talks here

---

Morgan Williams @mrgnw

The Zen of Svelte

Approaching frontend as a backend developer, Svelte feels surprisingly pythonic. Let's take a quick look at what's familiar, what's foreign, and how to explore the gap.

LiEnby

Microsoft Excel offers a feature called "Sheet Protection" it essentially allows you to lock down an excel document so you cannot edit certain sheets and aspects of it attempting to edit protected sheets will return an error message:

and trying to unprotect it under the review tab, does ask for a password.

i figured; "This is MS Excel, surely someone has found a way to disable this?"

msrkp

The criteria I used to rank: 

1. The level of complexity of the research. (How hard for me to do the same research?)
2. The usefulness of the research to other security researchers.
3. Novelty, scale of exploitation and impact

Top candidates

1. Exploiting Hardened .NET Deserialization: New Exploitation Ideas and Abuse of Insecure Serialization 
2. https://github.com/thezdi/presentations/blob/main/2023_Hexacon/whitepaper-net-deser.pdf

Homer28

/**
 *    This DLL is designed for use in conjunction with the Ruler tool for
 *    security testing related to the CVE-2024-21378 vulnerability, 
 *    specifically targeting MS Outlook.
 * 
 *    It can be used with the following command line syntax:
 *      ruler [auth-params] form add-com [attack-params] --dll ./test.dll
 *    Ruler repository: https://github.com/NetSPI/ruler/tree/com-forms (com-forms branch).
 *
 *    After being loaded into MS Outlook, it sends the PC's hostname and