# ransompkp

**Repository Path**: mirrors_cyph/ransompkp

## Basic Information

- **Project Name**: ransompkp
- **Description**: "RansomPKP" proof of concept.
- **Primary Language**: Unknown
- **License**: BSD-3-Clause
- **Default Branch**: master
- **Homepage**: None
- **GVP Project**: No

## Statistics

- **Stars**: 0
- **Forks**: 0
- **Created**: 2021-10-22
- **Last Updated**: 2026-01-25

## Categories & Tags

**Categories**: Uncategorized

**Tags**: None

## README

# RansomPKP

Basic PoC of hostile HPKP Suicide, as discussed in Bryant Zadegan and Ryan Lester's
Black Hat / DEF CON talk "Abusing Bleeding Edge Web Standards for AppSec Glory".

Despite the tongue-in-cheek name, this is _not_ ransomware. It's merely a
demonstration of a concept that could _hypothetically_ be implemented within some
future ransomware package, uncovered in the course of our security research.

This also is _not_ an exploit that facilitates attaining root access to a box.
Doing so would be a _prerequisite_ to using a hypothetical RansomPKP-based
ransomware package, and as such would be entirely left as an exercise to the
attacker.