For the past year or so I’ve spent a significant amount of time fuzzing various applications with the hopes of identifying exploitable crashes. Early on in my research I quickly realized that building fuzzers and generating large quantities Read more
Last week, while doing my bi-weekly courseware review and update, I discovered that my heap spray script for Firefox 9 no longer works on recent versions. Looking back at the type of tricks I had to use to Read more
Time flies. Almost 3 weeks have passed since we announced the ability to run mona.py under WinDBG. A lot of work has been done on mona.py in the meantime. We improved stability and performance, updated to pykd.pyd 0.2.0.14 Read more
I’m not going to spend a lot of words on this. Facts speak for themselves.
A short while ago, I discovered this:
http://www.hackforums.net/showthread.php?tid=3031925
(you need to register to get access to the thread). Screenshot :
idle-hands profile :
Reputation
Read more
If you didn’t register your ticket for the Corelan Live Exploit Development training at Derbycon 2012, then there is bad news for you… We’re sold out.
Not all is lost though. For the second year in a row, Corelan Read more
In the last talk of Day 1, Roberto Suggi Liverani and Scott Bell (not present during the presentation), security consultants at Security-Assessment.com, will share the results of some intensive browser Read more
Claudio Guarnieri, senior researcher at iSight Partner, and part of the Shadowserver Foundation and the HoneyPot project. He works with malware on a daily basis, maintains malwr.com Read more
Good morning everyone,
After spending a couple of hours on the train, picking up my HITB badge, meeting with some of the organizers and having a great evening hanging out with Steven Seeley, Roberto Suggi Liverani, Read more
