Studies

Compass Security supervises students writing a scientific paper on an aspect of IT security as part of their bachelor or master’s degree. We help students to link theory with practice, either on a subject of their own choosing or one of the current questions facing the security industry.

Papers written in cooperation with Compass Security:

ThemaVerfasserJahr
Emil on SteroidsSven Defatsch, Patrick Steinhäusl2018
Hacking-Lab 2.0Janick Engeler, Yanick Gubler2018
RFID WebauthentifizierungAndreas Eder, Pascal Kistler2017
Man-in-the-Browser DetectionMatthias Gabriel, Philip Schmid2017
Malware HuntingOliver Nietlispach, Roman Ehrbar2017
Fish Tank Suite - Proxy Redirection with Fake C&CSilvan Adrian, Fabian Binna2016
Forensic Triage KitMathias Vetsch, Luca Tännler2016
SAML2 Burp PluginRoland Bischofberger, Emanuel Duss2015
XSLT Processing Security and Server Request ForgeriesRoland Bischofberger, Emanuel Duss2014
Forensik virtueller MaschineChristian Wagner2014
Crypto-based security mechanisms in Windows and .NETAlexandre Herzog2013
Smart Energy SecurityCyrill Brunschwiler2013
Sicherheitskonzept für Webservices der Berner FachhochschuleSimon Gerber2012
NFC-SnifferFabian Vogt2012
Web Applikation Security am Beispiel eines Know-How Management SystemFelix Preussner2009

Compass Security Blog

XSS worm – A creative use of web application vulnerability

In my free time, I like to do some bug bounty hunting. For some reasons, I’ve been doing this almost exclusively for Swisscom. One of the reason is that the scope is very broad and I like to have this... mehr

Substitutable Message Service

Have you ever said something and later regretted it? Or written an email to someone and then wished it had not happened? Or sent an SMS message but afterward desired to change its content? Well,... mehr

ZUM BLOG

CALENDAR

Beer-Talk #18 in Berlin: How to pwn a Global Player in two days

Thanks to greater financial and personal resources, large companies are better equipped against hacking attacks than smaller companies and startups.... Read more

Beer-Talk #27 in Zurich: WiFi Open to WPA3

WiFi is omnipresent, but the networks often have weaknesses. Does the WPA3 standard provide additional defenses? We will show you whether the WiFi... Read more

5. Digital Real Estate Summit 2019

The place to meet the digital real estate industry. Read more

ALL DATES

NEWS

Vulnerability in mod_auth_openidc module

Mischa Bachmann has identified a reflected cross site scripting (XSS) vulnerability in the mod_auth_openidc module for the Apache 2.x HTTP server. Read more

Compass Security supervises scientific work

Compass Security volunteers as supervisor for academic work and studies relating to information security. Read more

Vulnerability in the Siemens SICAM A8000 Series web interface

Emanuel Duss and Nicolas Heiniger have identified an XXE vulnerability in the web interface of the Siemens SICAM A8000 Series. Read more

ARCHIVES