BlackHat 2010 Presentation by Papathanasiou about Abusing JBoss, deploying your JARs without Authentication and executing Code on JBoss and Tomcat Java servers.
Click

Und das dazu passende Metasploit Module

This exploit dynamically creates an applet via the Msf::Exploit::Java mixin, converts it to a .jar file, then signs the .jar with a dynamically created certificate containing values of your choosing. This is presented to the end user via a web page with an applet tag, loading the signed applet. The user's JVM pops a dialog asking if they trust the signed applet and displays the values chosen. Once the user clicks 'accept', the applet executes with full user permissions.
Click

“A security consultant based in New Zealand has released a tool that can unlock Windows computers in seconds without the need for a password.
… merely by plugging in your Firewire cable and running a command”.
Click
Get the source

POC exploit by Pierre Betouin that crashes hcidump by sending bad L2CAP packet.
Click

Proof of concept exploit that resets Sony/Ericsson phones via a flaw in Bluetooth.
Click

Oder direkt als komplettes Tool geschnürt:
"Performs several L2CAP checks sending malicious packets (L2CAP). Initial source code analysis from tanya tool (tbear)"
bss-0.6