Posts:

HITB2012AMS Day 2 – Ghost in the Allocator

Ghost in the Allocator – Abusing the Windows 7 / 8 Low Fragmentation Heap

After introducing himself, Steven Seeley, Senior Penetration Tester and Security Researcher at Stratsec starts his presentation by sharing the talk agenda:

Read More

Metasploit Bounty – the Good, the Bad and the Ugly

On June 14, 2011 HD Moore announced the Metasploit Bounty contest, offering a cash incentive for specific vulnerabilities to be submitted as modules in the Metasploit Framework. Titled "30 exploits, $5000 in 5 weeks", a post on the Rapid7 blog lists the 30 "bounties" selected by the MSF team, waiting for someone to claim and submit a working exploit module. Read more
Read More

Codegate 2011 CTF – Binary200 – Anti Debugging Techniques Explained

Aloha, Again I stumbled upon a nice reverse-me, binary200 from the Codegate 2011 CTF. And again there are some really interesting anti-debugging tricks implemented, so I decided to produce another video. Read more
Read More

The Honeypot Incident – How strong is your UF (Reversing FU)

Interested in capturing, documenting and analyzing scans and malicious activity, Corelan Team decided to set up a honeypot and put it online. In the first week of december 2010, Obzy built a machine (default Windows XP SP3 installation, no patches, firewall turned off), named it "EGYPTS-AIRWAYS", set up a honeypot + some other monitoring tools, and connected it to the internet. Read more
Read More

Exploit writing tutorial part 9 : Introduction to Win32 shellcoding

Over the last couple of months, I have written a set of tutorials about building exploits that target the Windows stack. One of the primary goals of anyone writing an exploit is to modify the normal execution flow of Read more

Read More