mona.py (21)

The original Corelan exploit writing tutorials helped a generation of security researchers understand how memory corruption really works. Today, we continue that journey with a second video in the series — revisiting Exploit Writing Tutorial Part 2 using a modern Windows 11 x64 lab environment, WinDBG, and mona.py. In this video, we dive into jump code, execution flow redirection, and custom jump techniques that remain essential knowledge for understanding stack-based exploitation and exploit reliability. Read more

Long overdue… but today it finally happened. We’re proud to announce the release of mona v3. This new version brings Python 2 and Python 3 compatibility (Python 3 recommended), support for both 32-bit and 64-bit targets, full integration with WinDBG and WinDBGX, continued compatibility with Immunity Debugger, and the use of the pykd-ext bootstrapper. It also includes a substantial refactor and modernization of the codebase, making it faster, leaner, and better prepared for the future. This post covers what changed, key improvements, important prerequisites, installation and migration guidance, and the current list of supported commands. Continue reading to learn all the details and discover how to get mona v3 up and running in your environment. Download links, setup instructions, and the GitHub repository are provided further down in this post. Read more

Introduction

Hi all,

While preparing for my Advanced exploit dev course at Derbycon, I've been playing with heap allocation primitives in IE.  One of the things that causes some frustration (or, at least, tends to slow me down during Read more

As the CSO/CISO/person responsible for Information Security, your job is to...  well ... do you even know?  Does upper management know? 

"Our crappy CSO <this>..." and "Our stupid CSO <that>..." are statements commonly used by various (techie) people, throwing Read more

Good morning Amsterdam, good morning readers, welcome to the second day of the Hack In The Box conference. The speaker for the first keynote didn't show up,  so we'll jump right into the next keynote.

Jennifer starts Read more

Table of Contents

• Foreword
• Introduction
• Analyzing the Crash Data
• Identifying the Cause of Exception
  • Page heap
  • Initial analysis
• Reversing the Faulty Function
• Determining Exploitability
  • Challenges
  • Prerequisites
  • Heap Basics
    • Lookaside Lists
    • Freelists
  • Preventative Security Measures
    • Safe-Unlinking
    • Heap Cookies
  • Application Specific Read more

Introduction

For the past year or so I've spent a significant amount of time fuzzing various applications with the hopes of identifying exploitable crashes.  Early on in my research I quickly realized that building fuzzers and generating large quantities Read more

Introduction

Time flies. Almost 3 weeks have passed since we announced the ability to run mona.py under WinDBG.  A lot of work has been done on mona.py in the meantime.  We improved stability and performance, updated to pykd.pyd 0.2.0.14 Read more

Ho Ho Ho friends,

It has been a while since we posted something on the Corelan Team blog, I guess we all have been busy doing ... stuff and things, here and there.  Nevertheless, as the year is close Read more

If you didn't register your ticket for the Corelan Live Exploit Development training at Derbycon 2012, then there is bad news for you...   We're sold out.

Not all is lost though. For the second year in a row, Corelan Read more