HITB2012AMS Day 2 – Ghost in the Allocator

Ghost in the Allocator – Abusing the Windows 7 / 8 Low Fragmentation Heap After introducing himself, Steven Seeley, Senior Penetration Tester and Security Researcher at Stratsec starts his presentation by sharing the talk agenda: Why target the heap manager Heap terms Some Windows 7 theory WIndows 7 exploitation Changes introduced in Windows 8 Heap Windows […]

Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics

In the first parts of the exploit writing tutorial, I have discussed some common vulnerabilities that can lead to 2 types of exploits : stack based buffer overflows (with direct EIP overwrite), and stack based buffer overflows that take advantage of SEH chains. In my examples, I have used perl to demonstrate how to build […]

Installing Windows 7 from a USB key

Microsoft has announced that it will support Windows 7 installations from a USB key. This will allow people to install Windows 7 on systems that do not have a DVD drive (yes, Windows 7 will also run quite fast on your old notebook that only has 1Gb of RAM and does not have a DVD […]

Windows 7 Beta vs Release Candidate

If you are still running Windows 7 Beta, then it’s time to check out the Release Candidate version. Microsoft has reported on the Windows team blog that the Beta version will ‘stop working’ (in fact it will reboot every 2 hours) starting from July 1st. However, you can download the RC version, but the downloads […]

IPSec VPN between Windows Server 2008 and Juniper ScreenOS

In this blog post, I will show you how to set up a IPSec VPN tunnel between a Windows Server and a Juniper ScreenOS based firewall and route traffic between hosts that are located behind these 2 VPN gateways. The Windows Server will acts as a gateway to build a VPN tunnel towards the Juniper […]

Securing Windows Server 2008 and Active Directory

According to Microsoft, Windows Server 2008 is the most secure Windows server version ever. Windows 2008 does include many features that will help increase overall security of the OS, or assist you with securing AD, the network, etc. Most of the features/roles available in Windows 2008 are not being installed in a default installation of […]

How to restore a Windows 2003 DC using ASR and VMWare

The following procedure should work for any type of hardware, but I’ve used VMWare (so this procedure is also valid if you want to convert a physical Domain Controller to VMWare). Additionally, the procedure works for Windows 2003 server, but also for Windows XP (professional) Prerequisites : ASR backup .bkf file and the ASR floppy […]

Demand Global Change

The world needs your help !

Please take a few moments to read the "Demand Global Change Call For Action" document at
Read the full document at and share the message with as many people as possible.

Like the Facebook page, and SHARE it with everyone you know.


Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?

Your donation will help funding server hosting.

Protected by Copyscape Web Plagiarism Tool

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Corelan Live training

Since 2011, Corelan GCV has been teaching live win32 exploit dev classes at various security cons and private companies & organizations.

You can read more about the training and schedules here

Corelan on IRC

You can chat with us and our friends on #corelan (freenode IRC)