Dave Kukfa Security bub



The Hardest CTF I’ve Ever Done: My Experiences Reverse Engineering an MMORPG

  • April 2017
  • Presented at BSidesROC
  • Provides a high-level overview, methodology, and technical details of reverse engineeering an MMORPG

“MMORPGs provide countless hours of entertainment by allowing gamers to escape into exciting virtual worlds and form communities through their online interactions. However, these games are almost entirely at the mercy of their publishers: if the game is decommissioned and the server is shut down, these virtual worlds cease to exist, game communities are broken up, and the game is left virtually unplayable. At this point, many turn to reverse engineering the game to restore gameplay – a long, arduous technical challenge that is riddled with pitfalls and gotchas. This talk covers the journey I’ve gone through while reverse engineering a decommissioned MMORPG over the past 2 years. Technical aspects will be discussed, as well as legal implications and a project demo.”

Web Attacks 102

  • February 2016
  • Focuses on web application defense

Web Attacks 101

  • January 2016
  • Explains basic web attacks and how they work
  • Topics include an introduction to HTTP, reflected XSS, stored XSS, and SQL injection


Web Application Cheat Sheet

  • Reference document that provides a quick overview of web application security issues