Corelan Team (corelanc0d3r)

HITB2014AMS – Day 1 – State of the ART: Exploring the New Android KitKat Runtime

Good afternoon and welcome back to Hack In the Box.  I can’t think of anything better than a talk on ART, the new Android KitKat Runtime, to digest lunch :) Intro ART was introduced in Android 4.4 back in October 2013 and although it is still in an experimental stage, it’s poised to replace Dalvik […]

HITB2014AMS – Day 1 – Harder, Better, Faster Fuzzer: Advances in BlackBox Evolutionary Fuzzing

Vulnerability Hunting Active security testing, Fabien explains, is the process of generating input which travel in the application, hit a sink and violate a property.  It applies to all kinds of vulnerabilities, not just limited to buffer overflows or memory corruption bugs.   Blackbox and whitebox/greybox testing (both static and dynamic) are ways to perform […]

HITB2014AMS – Day 1 – Keynote 2: Building a Strategic Defense Against the Global Threat Landscape

Kristin starts her keynote by explaining that she has been in the business about 22 years ago and used to be in public services.  A long time ago, she married a husband who was in the military and ran a program for spouses to meet/connect while their husbands were deployed. During one of the meetings, […]

HITB2014AMS – Hack In The Box / Haxpo 2014 Amsterdam

Dear friends, I’m getting ready for a short trip to Amsterdam, to attend the 5th Hack In The Box conference tomorrow … and I’m “hashtag” excited about it. HITB Haxpo and HITB2014AMS feature and amazing schedule of talks, an impressive selection of speakers and offers numerous side-events and I really can’t think of a better place […]

On CVE-2014-1770 / ZDI-14-140 : Internet Explorer 8 "0day"

Hi all, I have received a ton of questions regarding a recently published ZDI advisory, which provides some details about a bug I discovered and reported to Microsoft (via ZDI), affecting Internet Explorer 8.  I wanted to take a few moments to clarify some of the confusion and answer some of the questions in this […]

Happy 5th Birthday Corelan Team

Introduction Corelan Team was founded in September of 2009. Over the last few years, the team has written and published numerous tutorials on exploit development.  We have created a series of tools and scripts,  and worked with vendors/developers across the globe to report vulnerabilities in their applications. To make it easier for people to reach […]

Corelan Team reply to false allegation made by Kaspersky

Hi, A few moments ago, I was informed about an article on www.securelist.com and the fact that Corelan Team was mentioned in that post.  Apparently a researcher at Kaspersky Labs found a piece of text (“You have been owned by CorelanX”) inside a malware sample and concluded that, due to the mere presence of that […]

Metasploit Meterpreter and NAT

Professional pentesters typically use a host that is connected directly to the internet, has a public IP address, and is not hindered by any firewalls or NAT devices to perform their audit. Hacking “naked” is considered to be the easiest way to perform a penetration test that involves getting shells back. Not everyone has the […]

A chain is only as strong as its weakest link – DNS Hijack Monitoring

It doesn’t really matter how much time your developers have spent writing secure code and how many layers of security you have implemented to protect your website from being hacked and defaced.  Recent incidents have demonstrated that the bad guys will simply look for and find an easier way to hurt your business.  Instead of […]

Corelan Training

We have been teaching our win32 exploit dev classes at various security cons and private companies & organizations since 2011

Check out our schedules page here and sign up for one of our classes now!

Donate

Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?



Your donation will help funding server hosting.

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Protected by Copyscape Web Plagiarism Tool

Corelan on Slack

You can chat with us and our friends on our Slack workspace:

  • Go to our facebook page
  • Browse through the posts and find the invite to Slack
  • Use the invite to access our Slack workspace
  • Categories