Posts:

Corelan Team reply to false allegation made by Kaspersky

Hi,

A few moments ago, I was informed about an article on www.securelist.com and the fact that Corelan Team was mentioned in that post.  Apparently a researcher at Kaspersky Labs found a piece of text ("You have been owned Read more

Read More

BlackHatEU2013 – Day2 – DropSmack: How cloud synchronization services render your corporate firewall worthless

Jake Williams (@malwareJake) from CSR Group has more than a decade of experience with systems engineering, network defines, malware reverse engineering, penetration testing and forensics. He spent some good time looking at Cloud synchronization services and is presenting some Read more

Read More

HITB2012AMS Day 1 – One Flew Over The Cuckoos Nest

One Flew Over The Cuckoos Nest – Automated Malware Analysis

Claudio Guarnieri, senior researcher at iSight Partner, and part of the Shadowserver Foundation and the HoneyPot project.  He works with malware on a daily basis, maintains malwr.com Read more

Read More

Honeynet Workshop 2011

March 21th I was in Paris for the annual Honeynet Workshop. For the first time this year there was a conference day accessible to the general public. Moreover, I didn't have to pay the registration fee since I successfully completed one of the Honeynet Forensics challenges. The day was split in 4 sessions and had talks covering the Honeynet projects, malware, and ethical and legal considerations of tracking botnets and eventual take-downs. Read more
Read More

BlackHat Europe 2011 / Day 02

Having missed the IOActive party last night, I woke up fresh and sharp and ready for some kick-ass debugger stuff so I decided to start my second day at BlackHat Europe 2011 with attending the Cisco IOS fuzzing & debugging talk. Read more
Read More

The Honeypot Incident – How strong is your UF (Reversing FU)

Interested in capturing, documenting and analyzing scans and malicious activity, Corelan Team decided to set up a honeypot and put it online. In the first week of december 2010, Obzy built a machine (default Windows XP SP3 installation, no patches, firewall turned off), named it "EGYPTS-AIRWAYS", set up a honeypot + some other monitoring tools, and connected it to the internet. Read more
Read More