Jose Ramon Palanco Follow
Jose Ramón Palanco is the CEO/CTO of Plexicus, a pioneering company in ASPM (Application Security Posture Management) launched in 2024, offering AI-powered remediation capabilities. Previously, he founded Dinoflux in 2014, a Threat Intelligence startup that was acquired by Telefonica, and has been working with 11paths since 2018. His experience includes roles at Ericsson's R&D department and Optenet (Allot). He holds a Telecommunications Engineering degree from the University of Alcala de Henares and a Master's in IT Governance from the University of Deusto. As a recognized cybersecurity expert, he has been a speaker at various prestigious conferences including OWASP, ROOTEDCON, ROOTCON, MALCON, and FAQin. His contributions to the cybersecurity field include multiple CVE publications and the development of various open source tools such as nmap-scada, ProtocolDetector, escan, pma, EKanalyzer, SCADA IDS, and more.
Posts by Jose Ramon Palanco
Magspoof – Wirelessly Spoof Magnetic Stripereaders
MagSpoof is a device that can spoof or emulate any magnetic stripe or credit card and it can work wirelessly even on standard magstripe credit card readers by generating a strong elec...
In hw-hacking, iot-security, Mar 21, 2021
The Right Way to Publish a CVE
A CVE is a dictionary of publicly known cybersecurity vulnerabilities which is intended to uniquely identify and name publicly disclosed vulnerabilities pretraining to specific versio...
In research, Mar 17, 2021
IoT Reversing 101: Discovery
Before we delve into the world of reverse engineering, we need to discuss what engineering as a whole actually is.
In hw-hacking, iot-security, reversing, Mar 15, 2021
The Amazing World of File Fuzzing
The world of File Fuzzing is filled with a truly spectacular display of testing. It is the latest shift in software injection and is worth anyone’s attention. But do you really know w...
In research, Mar 14, 2021
Modern Hash Cracking
When it comes to has-cracking, a hash-cracking program which works on an enormous database of hashes can guess many millions or billions of possible passwords automatically and compar...
In research, Aug 09, 2020
Neverwave: IDS/IPS like functionality in your browser with TLS inspection
During the last years IDS/IPS technology has helped to detect malicious activity not only in the server side but also in the clients side. Actually, we experience an increasing volume...
In Projects, Jun 14, 2020
Pentesting iOS Apps with OSX and a Jailbroken device
Today we will explain how to perform a basic security assessment on an iOS Application using Mac. For this assessment it is mandatory your IOS device is jailbroken. I assume you have ...
In hacking, reversing, Apr 05, 2020
OT Security at h-c0n 2020
Over the last few years OT devices have been increasingly exposed to the internet, IoT devices have progressively approached the industry and this has caused us to face different chal...
In talks, hw-hacking, iot-security, Jan 31, 2020
Drainware
Between 2011 and 2014 we developed a Cloud Platform with DLP capabilities, now in 2020 it is Open Source. It was a very cool technology at that time, we used mongo, redis, rabbitmq, ...
In Projects, Jan 22, 2020
Klara: Private retrohunting platform
Let’s talk about malware hunting. Sometimes you may find an interesting malware sample, and after reversing it you realize that the binary has characteristics that make it unique like...
In intelligence, research, Apr 18, 2019
attribution.id: Lurking threat actors and targets with VT
Lurking threat actors and targets with VT
In Projects, Mar 28, 2019
Dynamic win32 malware analysis on Linux
Sometimes we don’t have a Windows machine for analyzing a malware sample. If the sample is very simple and is not interacting much with the operating system, we can use Linux.
In reversing, Feb 24, 2019
UART access. Hardware Hacking with Bus Pirate
Bus Pirate is a flexible tool for hardware hacking that enables a universal bus interface that talks to most chips. It supports several protocols:
In hw-hacking, iot-security, Feb 17, 2019
Real-time processing with Python
Sometimes we need to process tons of data, but scaling application is not easy, above all in python. That’s why I started researching about real-time data processing and I found out A...
In research, devop, Feb 08, 2019
An Introduction To Hash Cracking
title: “An Introduction to Hash Cracking”date: “2020-8-9”image: assets/images/hashcracking.jpgauthor: namelayout: posttags: [ hash, cracking, coding]categories: [ hashcracking ]When i...
In Jan 30, 2019STM32 debugging with ST-Link
In this article I wil explain how can we program, debug and dump a firmware from STM32 boards. For this, we will need a st-link v2 programmer. The first step is to download the datash...
In hw-hacking, iot-security, Jan 30, 2019
Protocol Detector
ProtocolDetector is am open source python library I developed for Dinoflux. This library aims to provide an easy-to-use mechanism to integrate protocol detection capabilities into you...
In Projects, Sep 09, 2017
Linux dynamic analysis with callgrind
Sometimes I am fond of trying new tools even I have already a toolkit, just for having fun. In this case, I researched about valgrind suite, in particular callgrind. Callgrind is a pr...
In reversing, Jun 28, 2015
Inside HAVEX
We have analyzed a sample of Havex and from there, we have prepared a report of behavior. Throughout the report you will find all the details of operation we have located from our ana...
In reversing, Jul 24, 2014
CVE-2007-0176: GForge Cross Site Scripting vulnerability
GForge is vulnerable to a security vulnerability that allow Cross-Site Scripting attacks. Due to improper filtering, a remote attacker can exploit a cross site scripting.
In advisories, Jan 10, 2007
CVE-2006-6104: Mono XSP ASP.NET Server sourcecode disclosure
The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending...
In advisories, Dec 21, 2006
CVE-2006-5536: D-Link DSL-G624T several vulnerabilities
Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getp...
In advisories, Oct 26, 2006
CVE-2006-3929: Zyxel Prestige 660H-61 Cross-Site Scripting
Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin script on the Zyxel Prestige 660H-61 ADSL Router running firmware 3.40(PT.0)b32 allows remote attackers to inject arbi...
In advisories, Jul 31, 2006
Biblia del TSM
El año 2003 salió al mercado el móvil TSM30 de Vitelcom un móvil con muchas prestaciones desarrollado por una empresa española a un precio muy razonable. Antes del TSM30 habían salido...
In old-school, Jun 01, 2004
Hacking WAP
```Resulta que para empezar a trabajar de forma cómoda en entornos móvilesen una red inalámbrica es necesario tener identificados a los clientes. Es más,cuando hay que facturarles ser...
In old-school, Apr 02, 2003
El TM+MM
Antes de empezar el artículo en sí creo que debo advertir que la información aquí contenida es solamente para fines meramente informativos, y que lo que cualquier usuario haga mas all...
In old-school, Apr 02, 2003
