Jose Ramon Palanco Follow

Jose Ramón Palanco currently holds CEO/CTO positions at EpicBounties since June 2021. In the past he founded Dinoflux at 2014, a Threat Intelligence startup acquired by Telefonica, currently he works for 11paths since 2018. He worked also for Ericsson at R&D department and Optenet (Allot). He studied Telecommunications Engineering at the University of Alcala de Henares and Master of IT Governance at the University of Deusto. He has been a speaker at OWASP, ROOTEDCON, ROOTCON, MALCON, and FAQin... He has published several CVE and different open source tools for cybersecurity like nmap-scada, ProtocolDetector, escan, pma, EKanalyzer, SCADA IDS, ...

Jose Ramon Palanco

Posts by Jose Ramon Palanco

Magspoof – Wirelessly Spoof Magnetic Stripereaders

MagSpoof is a device that can spoof or emulate any magnetic stripe or credit card and it can work wirelessly even on standard magstripe credit card readers by generating a strong elec...

In hw-hacking, iot-security, Mar 21, 2021

The Right Way to Publish a CVE

A CVE is a dictionary of publicly known cybersecurity vulnerabilities which is intended to uniquely identify and name publicly disclosed vulnerabilities pretraining to specific versio...

In research, Mar 17, 2021

IoT Reversing 101: Discovery

Before we delve into the world of reverse engineering, we need to discuss what engineering as a whole actually is.

In hw-hacking, iot-security, reversing, Mar 15, 2021

The Amazing World of File Fuzzing

The world of File Fuzzing is filled with a truly spectacular display of testing. It is the latest shift in software injection and is worth anyone’s attention. But do you really know w...

In research, Mar 14, 2021

Modern Hash Cracking

When it comes to has-cracking, a hash-cracking program which works on an enormous database of hashes can guess many millions or billions of possible passwords automatically and compar...

In research, Aug 09, 2020

Neverwave: IDS/IPS like functionality in your browser with TLS inspection

During the last years IDS/IPS technology has helped to detect malicious activity not only in the server side but also in the clients side. Actually, we experience an increasing volume...

In Projects, Jun 14, 2020

Pentesting iOS Apps with OSX and a Jailbroken device

Today we will explain how to perform a basic security assessment on an iOS Application using Mac. For this assessment it is mandatory your IOS device is jailbroken. I assume you have ...

In hacking, reversing, Apr 05, 2020

OT Security at h-c0n 2020

Over the last few years OT devices have been increasingly exposed to the internet, IoT devices have progressively approached the industry and this has caused us to face different chal...

In talks, hw-hacking, iot-security, Jan 31, 2020


Between 2011 and 2014 we developed a Cloud Platform with DLP capabilities, now in 2020 it is Open Source. It was a very cool technology at that time, we used mongo, redis, rabbitmq, ...

In Projects, Jan 22, 2020

Klara: Private retrohunting platform

Let’s talk about malware hunting. Sometimes you may find an interesting malware sample, and after reversing it you realize that the binary has characteristics that make it unique like...

In intelligence, research, Apr 18, 2019 Lurking threat actors and targets with VT

Lurking threat actors and targets with VT

In Projects, Mar 28, 2019

Dynamic win32 malware analysis on Linux

Sometimes we don’t have a Windows machine for analyzing a malware sample. If the sample is very simple and is not interacting much with the operating system, we can use Linux.

In reversing, Feb 24, 2019

UART access. Hardware Hacking with Bus Pirate

Bus Pirate is a flexible tool for hardware hacking that enables a universal bus interface that talks to most chips. It supports several protocols:

In hw-hacking, iot-security, Feb 17, 2019

Real-time processing with Python

Sometimes we need to process tons of data, but scaling application is not easy, above all in python. That’s why I started researching about real-time data processing and I found out A...

In research, devop, Feb 08, 2019

An Introduction To Hash Cracking

title: “An Introduction to Hash Cracking”date: “2020-8-9”image: assets/images/hashcracking.jpgauthor: namelayout: posttags: [ hash, cracking, coding]categories: [ hashcracking ]When i...

In Jan 30, 2019

STM32 debugging with ST-Link

In this article I wil explain how can we program, debug and dump a firmware from STM32 boards. For this, we will need a st-link v2 programmer. The first step is to download the datash...

In hw-hacking, iot-security, Jan 30, 2019

Protocol Detector

ProtocolDetector is am open source python library I developed for Dinoflux. This library aims to provide an easy-to-use mechanism to integrate protocol detection capabilities into you...

In Projects, Sep 09, 2017

Linux dynamic analysis with callgrind

Sometimes I am fond of trying new tools even I have already a toolkit, just for having fun. In this case, I researched about valgrind suite, in particular callgrind. Callgrind is a pr...

In reversing, Jun 28, 2015

Inside HAVEX

We have analyzed a sample of Havex and from there, we have prepared a report of behavior. Throughout the report you will find all the details of operation we have located from our ana...

In reversing, Jul 24, 2014

CVE-2007-0176: GForge Cross Site Scripting vulnerability

GForge is vulnerable to a security vulnerability that allow Cross-Site Scripting attacks. Due to improper filtering, a remote attacker can exploit a cross site scripting.

In advisories, Jan 10, 2007

CVE-2006-6104: Mono XSP ASP.NET Server sourcecode disclosure

The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending...

In advisories, Dec 21, 2006

CVE-2006-5536: D-Link DSL-G624T several vulnerabilities

Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getp...

In advisories, Oct 26, 2006

CVE-2006-3929: Zyxel Prestige 660H-61 Cross-Site Scripting

Cross-site scripting (XSS) vulnerability in the Forms/rpSysAdmin script on the Zyxel Prestige 660H-61 ADSL Router running firmware 3.40(PT.0)b32 allows remote attackers to inject arbi...

In advisories, Jul 31, 2006

Biblia del TSM

El año 2003 salió al mercado el móvil TSM30 de Vitelcom un móvil con muchas prestaciones desarrollado por una empresa española a un precio muy razonable. Antes del TSM30 habían salido...

In old-school, Jun 01, 2004

Hacking WAP

```Resulta que para empezar a trabajar de forma cómoda en entornos móvilesen una red inalámbrica es necesario tener identificados a los clientes. Es más,cuando hay que facturarles ser...

In old-school, Apr 02, 2003


Antes de empezar el artículo en sí creo que debo advertir que la información aquí contenida es solamente para fines meramente informativos, y que lo que cualquier usuario haga mas all...

In old-school, Apr 02, 2003



In old-school, Jun 01, 2002