001_Security

corelanc0d3r interviewed by Slo-Tech

Introduction: We continue our series of interviews with a slightly »unusual« talk this time: Peter Van Eeckhoutte may be unknown to readers who don’t follow the InfoSec scene on a daily basis. But he is well known to the international security community and his name is climbing fast on the list of top security researchers. He’s […]

Blackhat Europe 2010 Barcelona – Day 10

I got up early this morning, trying to be sharp and well prepared for day 2 of the BlackHat briefings. As some of you may know, I’m not really a morning person, so I usually need some time to wake up and wait until all components in my body start functioning again. After one day […]

Blackhat Europe 2010 Barcelona – Day 01

As some of you might know, I am currently attending Blackhat Europe (hosted in Barcelona this year). So I wanted to take the opportunity to fill you in on the details of this first day of briefings, and provide you with a short overview of the presentations I have attended today. I am most certainly […]

Exploiting Ken Ward Zipper : Taking advantage of payload conversion

In the article I wrote on the abysssec.com website, I explained the steps and techniques needed to build a working exploit for Ken Ward’s zipper. One of the main difficulties I had to overcome when building the exploit, was the character set limitation. I basically could only use a subset of the ascii characters (only […]

QuickZip Stack BOF 0day: a box of chocolates

Over the last couple of weeks, ever since I published 2 articles on the Offensive Blog, I have received many requests from people asking me if they could get a copy of those articles in pdf format. My blog does not include a pdf generator, but it has a “print” button, so you can get […]

Ken Ward Zipper exploit write-up on abysssec.com

Hi all, I just wanted to drop a few lines to let you know that, earlier today, my exploit write-up article about this vulnerability was published on www.abysssec.com. You can find the article here : http://www.abysssec.com/blog/2010/03/ken-ward-zipper-stack-bof-0day-a-not-so-typical-seh-exploit/ Enjoy !

QuickZip exploit article part 2 released on OffSec Blog

Hi all. I just wanted to drop a quick note that I have released part 2 of the QuickZip 0day vulnerability exploit on the Offensive Security Blog just a few moments ago. You can find the article here. Have fun & cheers !

corelanc0d3r featured on Offensive Security Blog

A few moments ago I published a detailed write-up, explaining the steps I took to build a 0day exploit for a zip file handling bug in QuickZip, on the Offensive Security blog. You can read the article here : http://www.offensive-security.com/blog/vulndev/quickzip-stack-bof-0day-a-box-of-chocolates/

Exploit writing tutorial part 9 : Introduction to Win32 shellcoding

Over the last couple of months, I have written a set of tutorials about building exploits that target the Windows stack. One of the primary goals of anyone writing an exploit is to modify the normal execution flow of the application and trigger the application to run arbitrary code… code that is injected by the […]

Starting to write Immunity Debugger PyCommands : my cheatsheet

When I started Win32 exploit development many years ago, my preferred debugger at the time was WinDbg (and some Olly). While Windbg is a great and fast debugger, I quickly figured out that some additional/external tools were required to improve my exploit development experience. Despite the fact that the command line oriented approach in windbg […]

Corelan Live training

Since 2011, Corelan GCV has been teaching live win32 exploit dev classes at various security cons and private companies & organizations.

You can read more about the training and schedules here

Demand Global Change

The world needs your help !

Please take a few moments to read the "Demand Global Change Call For Action" document at
http://bit.ly/demandglobalchange
Read the full document at
http://bit.ly/demandglobalchange_full and share the message with as many people as possible.

Like the Facebook page, and SHARE it with everyone you know.



Donate

Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?



Your donation will help funding server hosting.

Protected by Copyscape Web Plagiarism Tool

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Corelan on IRC

You can chat with us and our friends on #corelan (freenode IRC)

Categories