About me
Hi,
My name is Peter Van Eeckhoutte. I was born in 1975 and spent my childhood in a small town called Vichte, Belgium.
14 years later, I got my first computer and about 5 years later I started working in a computer shop where I was responsible for the technical department, servers/network installations, etc… I finished my Bachelor degree in IT at the same time.
In 2000, right after the Y2K hype, I was hired by a big company to serve as Systems Administrator. My main responsibility was taking care of the servers and network, and shortly after I became part of the Center of Excellence for Security and Messaging for our European sister companies.
About one year later, I became a member of the Core Active Directory Team and Security Competence Center for the entire corporation (worldwide) and was appointed “IT Security Officer”.
In 2006/2007, our European group of companies has been acquired by another big company and we have merged with another large company early 2009. All of this has given me the opportunity to work with some great people all over the world, manage complex projects and keep my never-ending drive to gather knowledge alive.
I started this website in 2007.
Until mid June 2009, I have been serving as IT Infrastructure Manager (and IT Security Officer) at the very same company, managing an excellent team of Helpdesk/PC Support/Network Engineering/Systems Engineering folks, trying to do as much “hands-on” operations as possible.
On June 15th 2009, I was appointed IT Infrastructure Manager Northern Europe, adding our sister companies in the Netherlands and Germany to my responsibilities.
In September 2009, I founded the Corelan Security Team, gathering a group of security enthusiasts, who all share the same common interests : research, learn and share. Since that date, the team has been working with tons of vendors, reporting numerous bugs, requesting vendors to fix, and performing coordinated disclosure, with the aim to make this digital world a little bit safer.
In April 2011, I founded Corelan GCV,the legal entity behind the corelan training activities.
In January 2012, I became the CISO | Corporate IST Security Officer at the company I have been working for since 2000.
In September 2014, I became the Director of IST Infastructure Services and Security at the same company.
In October 2018 I left my corporate job. In February 2019, with the creation of “Corelan Consulting bvba”, I became 100% self-employed, and started to provide IT Security Consulting services in addition to the Corelan training activities.
I currently live in Deerlijk (Belgium), married (to the best wife in the world !!), and proud father.
Links :
Me on
- packetstorm
- securityreason
- Offensive Security (Exploit-DB)
- osvdb
- secunia
- shell-storm
Twitter : https://twitter.com/corelanc0d3r
Interviews
- http://slo-tech.com/clanki/10016en/ – http://www.erevija.com/novica/2348147/Intervju:-Peter-Van-Eeckhoutte
- http://chr1x.sectester.net/corelanc0d3r.php (and http://ax0us.sectester.net/2010/04/peter-van-eeckhouttes-interview.html)
- http://www.security4arabs.com/2011/05/28/interview-with-peter-van-eeckhoutte/
Articles I wrote (3rd party):
- https://community.rapid7.com/community/metasploit/blog/2011/10/11/monasploit
- http://www.abysssec.com/blog/2010/03/ken-ward-zipper-stack-bof-0day-a-not-so-typical-seh-exploit
- http://www.offensive-security.com/blog/vulndev/quickzip-stack-bof-a-box-of-chocolates-part-2/
- http://www.offensive-security.com/blog/vulndev/quickzip-stack-bof-0day-a-box-of-chocolates/
Seminars I presented at:
Derbycon 2011
Hack In Paris 2011
- http://www.vulnerabilitydatabase.com/2011/06/exclusive-mona-1-0-released-pvefindaddr-is-dead-long-live-to-mona/
- http://www.segmentationfault.fr/securite-informatique/hack-in-paris-2011/
- https://picasaweb.google.com/106467546667993439289/ConferencesHackInParis2k11#5631011423878594002
- http://www.hackinparis.com/talk-project-quebec-pvefindaddr
Athcon 2011
- http://4li3n.posterous.com/athcon-2011-a-not-of-this-earth-look#!/
- http://www.news-for-techies.com/?p=270
- http://www.youtube.com/watch?v=wgW4PxsKl2s&feature=player_embedded
Websites containing info regarding the Infosec Institute Copyright Dispute
- http://www.j4vv4d.com/?p=319
- http://www.ethicalhacker.net/component/option,com_smf/Itemid,54/topic,8068.0/
Websites/Blogs mentioning this blog, Corelan Team, our tools :
- https://6b253ad5-a-62cb3a1a-s-sites.googlegroups.com/site/mateustymbu/SBSeg_%202012-Minicurso1.pdf
- https://lkml.org/lkml/2012/10/6/109
- http://cert.inteco.es/extfrontinteco/img/File/intecocert/EstudiosInformes/cert_inf_software_exploitation.pdf (Spanish)
- http://blog.the-playground.dk/2012_08_01_archive.html
- http://badishi.com/own-and-you-shall-be-owned/
- https://thesprawl.org/journal/tag/corelan/
- http://www.greyhathacker.net/?p=380
- http://media.blackhat.com/bh-ad-11/Drake/bh-ad-11-Drake-Exploiting_Java_Memory_Corruption-WP.pdf
- http://c0nnect3d.blogspot.com/2012/01/my-favorite-website-which-may-help-you.html
- https://community.rapid7.com/community/metasploit/blog/2012/03/28/metasploit-update
- https://community.rapid7.com/community/metasploit/blog/2012/03/21/metasploit-update
- http://blog.rootshell.be/2012/03/09/march-2012-issa-be-chapter-meeting-wrap-up
- http://certcollection.org/forum/topic/144558-corlean-team-exploit-writing-tutorials/
- http://ghostinthelab.wordpress.com/2012/01/08/%CE%B3%CF%81%CE%AC%CF%88%CF%84%CE%B5-exploits-%CE%B5%CF%8D%CE%BA%CE%BF%CE%BB%CE%B1-%CE%BA%CE%B1%CE%B9-%CE%B3%CF%81%CE%AE%CE%B3%CE%BF%CF%81%CE%B1/
- http://www.justbeck.com/getting-started-in-exploit-development/
- http://hacksys.vfreaks.com/research/freefloat-ftp-server-buffer-overflow.html
- http://www.greyhathacker.net/?p=380
- http://www.greyhathacker.net/?p=307
- http://cosine-security.blogspot.com/2011/10/derbycon-retrospective.html?spref=tw
- http://vx.org.ua/wargamevx/?p=129
- http://volatile-minds.blogspot.com/2011/07/breaking-mailenable-234-lesson-in.html
- http://packetstorm.igor.onlinedirect.bg/papers/bypass/defeating_data_execution_prevention_and_aslr_in_windows_xp_sp3.pdf
- http://www.vulnerabilitydatabase.com/tag/mona/
- http://questions.securitytube.net/questions/2541/has-anyone-used-mona-py-yet
- http://blog.stalkr.net/2011/04/pctf-2011-19-another-small-bug.html
- http://samhacked.blogspot.com/2011/04/differences-between-ida-pro-immdbg-and.html
- http://hacktivity.hu/portal/downloadable/presentations_2010/KabaiAndras_Hacktivity2010.pdf
- http://0vercl0k.tuxfamily.org/bl0g/Articles/CVE-2010-3970%20Demystified/0vercl0k_cve-2010-3970_Demystified.pdf
- http://www.adityamodha.com/2011/03/all-about-buffer-overflows.html
- http://orchilles.com/2011/03/blackhat-europe-2011-recap.html
- http://binholic.blogspot.com/2011/02/exploitation-novactf-january-2011_09.html
- http://sickness.tor.hu/?p=308
- http://blog.metasploit.com/2011/01/exploiting-seh-overwrites-using-rop.html
- http://www.reddit.com/r/ReverseEngineering/comments/fck63/the_honeypot_incident_how_strong_is_your_uf/
- http://www.xakep.ru/post/54471/default.asp
- http://www.xakep.ru/local/search/search.asp?text=pvefindaddr&x=0&y=0
- http://www.andhrahackers.com/forum/hacking-tut/brilliant-exploit-writing-tutorials/
- http://0entropy.blogspot.com/2011/01/checking-aslr-safeseh-and-more.html
- http://roycedavis.net/wordpress/?p=38
- http://www.ask-a-pentester.com/
- http://blog.carlosgarciaprado.com/?p=441
- http://code.google.com/p/it-sec-catalog/wiki/Exploitation
- http://kaillerahacks.blogspot.com/
- http://cloudsecurity.org/blog/2010/12/17/brucon-2010-more-on-project-skylab.html
- http://sla.ckers.org/forum/read.php?11,35996
- http://r00tsecurity.org/forums/topic/11985-finding-a-bug/
- http://hacking2.0.forumcommunity.net/?t=42047786
- http://www.bug.hr/vijesti/bezazlene-datoteke/105086.aspx
- http://www.reddit.com/domain/corelan.be/
- http://www.accountingweb.co.uk/anyanswers/anatomy-pdf-virus-do-you-know-what-you-are-opening
- http://www.cupfighter.net/index.php/2010/11/missing-mss-setting-windows-2008/?utm_source=twitterfeed&utm_medium=twitter
- http://www.codeproject.com/script/Mailouts/View.aspx?mlid=8479
- http://www.reddit.com/r/technology/comments/e90xo/this_guy_is_good_crosspost_netsec/
- http://kaillerahacks.blogspot.com/2010_10_01_archive.html
- http://www.0day.biz/2010_10_01_archive.html
- http://www.x90c.org/SEH%20all-at-once%20attack.pdf
- http://forums.zita.be/software-algemeen/119150-internetsecurity-virusscanner-182.html#post2339798
- http://binholic.blogspot.com/2010/11/exploitation-foxit-reader-411-unicode.html
- http://securitythoughts.wordpress.com/reading-room/
- http://www.hotwaves.net/2010/11/11/torneo-de-hacking-haxx-me-3-finalizado-por-corelan-team/
- http://www.garage4hackers.com/showthread.php?367-Favourite-Security-Blogs&highlight=blogs
- http://infosecevents.net/2010/10/25/week-41-in-review-2010/
- http://x-sploited.com/2010/10/20/fuzzing-ftp-clients-corelans-msf-module/
- http://www.hack4fun.eu/2010/10/corelan-metasploit-ftp-client-hunt
- http://www.garage4hackers.com/showthread.php?399-Death-of-an-ftp-client-Birth-of-Metasploit-modules
- http://pentestn00b.wordpress.com/2010/10/12/death-of-an-ftp-client-birth-of-metasploit-modules/
- http://em386.blogspot.com/2010/06/its-2010-and-your-browser-has-assembler.html
- http://blog.felix-aime.fr/securite-des-systemes-dinformation/si-toi-aussi-tu-veux-smatcher-du-stack-ou-peter-de-leip-en-2o1o/
- http://crazylazy.info/blog/content/0x41-weekly-exploitation-matters-shellcode-and-frameworks
- http://punter-infosec.com/exploit-writing-tutorials-for-pentesters
- http://www.s3cur1ty.de/fancy-backjumps-corelan-tut1
- http://www.manzotti.eu/
- http://www.metasploit.com/redmine/projects/framework/wiki/ExploitModuleDev
- http://www.zdnet.com/blog/security/microsoft-ships-fix-it-for-dll-load-hijacking-attack-vector/7241
- http://www.heise.de/newsticker/meldung/Microsoft-Tool-gegen-DLL-Luecke-stoert-Programme-1069075.html
- http://monstream00.wordpress.com/2010/08/25/microsoft-windows-power-point-2007-dll-hijacking-exploit-pp4x322-dll/
- http://gratissoftwaresite.nl/nieuws/Ernstig%20DLL-lek%20in%20Windows%20maakt%20honderden%20programma’s%20kwetsbaar%20voor%20aanvallen
- http://webwereld.nl/nieuws/66994/dll-aanvallen-op-zeker-40-apps.html
- http://em386.blogspot.com/2010/06/its-2010-and-your-browser-has-assembler.html
- http://djtechnocrat.blogspot.com/2010/08/better-faster-stronger.html
- http://blog.segu-info.com.ar/2010/08/segu-info-en-el-diario.html#axzz0y4TgCkC4
- http://www.gianniamato.it/2010/08/dll-vulnerability-2269637-individuare-le-applicazioni-vulnerabili.html
- http://geekinfosecurity.blogspot.com/2010/08/dll-hell-come-back-share-di-rete-in.html
- http://digitalacropolis.us/?p=113
- http://blogs.pcmag.com/securitywatch/2010/08/list_of_dll_vulnerability_wind.php
- http://hwsw.hu/hirek/45145/microsoft-dll-sebezhetoseg-adobe-mozilla-firefox-opera-chrome-skype-winamp.html
- http://securitygarden.blogspot.com/2010/08/protection-from-dll-vulnerability-with.html
- http://www.idg.se/2.1085/1.335725/har-ar-programmen-som-kan-attackeras-i-windows
- http://www.security.nl/artikel/34274/1/Lijst_van_kwetsbare_Windows_apps_(dll-lek).html
- http://www.computerworld.com/s/article/9181918/Windows_DLL_exploits_boom_hackers_post_attacks_for_40_plus_apps
- http://threatpost.com/en_us/blogs/exploit-code-list-apps-vulnerable-dll-hijacking-hit-web-082510
- http://www.secsavvy.com/exploit-development/overflow-exploit
- http://i8jesus.com/?p=167
- http://www.limited-entropy.com/links
- http://www.garage4hackers.com/showthread.php?226-How-Shall-I-learn-Exploitation-Techniques
- http://rstcenter.com/forum/24525-corelan-exploit-writing-tutorials.rst
- http://buhera.blog.hu/2010/06/23/a_konnyeimmel_lehetne_csillapitani_egesz_uganda_szomjat
- http://www.security.nl/artikel/33669/1/Onderzoeker_laat_zien_hoe_je_hackers_kunt_hacken.html
- http://insanerealm.com/index.php?option=com_content&view=article&id=41&catid=5
- http://punter-infosec.com/?p=112
- http://www.exploit-db.com/osx-rop-exploits-evocam-case-study/ (See “Rop-A-Bye” and “Thanks To” sections)
- http://www.dsecrg.com/files/pub/pdf/Confidence2010%20ROP%20and%20JIT-Spray.pdf (page 26)
- http://exploit.co.il/hacking/manual-egghuntershellcode-encoding/
- http://diablohorn.wordpress.com/2010/06/11/future-patching-made-easy/
- http://psychsec.wordpress.com/2010/06/05/exploit-writing/
- http://kaze.crazylazy.info/blog/content/0x41-weekly-exploitation-matters-shellcode-and-frameworks
- http://acme-labs.org.uk/galleries/42/0000/2312/practical.pdf
- http://www.abysssec.com/blog/2010/05/past-present-future-of-windows-exploitation/
- http://www.ethicalhacker.net/content/view/309/2/
- http://blog.red-database-security.com/2010/04/18/blackhat-2010-presentation-oracle-interrupted-stealing-sessions-and-credentials-online/
- http://blog.c22.cc/2010/04/18/blackhat-europe-gone-but-not-forgotten/
- http://blog.rootshell.be/2010/04/16/attending-security-conferences-from-a-social-point-of-view/
- http://www.wadalbertia.org/foro/viewtopic.php?f=4&t=5906
- http://claudiufrancu.blogspot.com/2010/03/exploit-writing-tutorial-site-this-is.html
- http://securitythoughts.wordpress.com/2010/03/18/tool-unique-pattern-generator-for-exploit-development/
- http://x9090.blogspot.com/2010/03/tutorial-exploit-writting-tutorial-from.html
- http://www.rstcenter.com/forum/21172-tool-unique-pattern-generator-exploit-development.rst
- http://tecninja.net/blog/?p=22
- http://extraexploit.blogspot.com/2010/01/iexplorer-0day-cve-2010-0249.html
- https://net-ninja.net/blog/?p=14
- http://lilxam.tuxfamily.org/blog/?p=259
- http://experi3nc3.wordpress.com/2010/09/07/oasis6-pwned/
- http://c4an-dl.blogspot.com/2010/01/exploit-writing-tutorial-link-to-great.html
- http://it-republik.de/php/news/Security-Hinweise-zu-Microsofts-Anwaelten-und-mehr-054149.html
- http://www.kecoak-elektronik.net/log/2010/01/31/seh-overwrite-for-n00b/ [down]
- http://www.rec-sec.com/2010/01/22/corelanc0d3r-exploit-tutorials/
- http://www.projectshellcode.com/?q=node/261
- http://www.steve-shead.com/tag/airodump-ng/
- http://code.google.com/p/w32-seh-omelet-shellcode/
- http://www.kecoak-elektronik.net/log/2010/01/21/talkative-irc-0-4-4-16-remote-stack-overflow-old-bug/
- http://www.bases-hacking.org/vrai-hacking.html
- http://perpetualhorizon.blogspot.com/2009/12/pvefindaddr-immdbg-plugin-exposes.html
- http://www.room362.com/mubixlinks/2009/12/1/exploit-writing-tutorial.html
- http://raykoid666.wordpress.com/2009/11/28/remote-buffer-overflow-from-vulnerability-to-exploit-part-1/
- http://crackinglandia.blogspot.com/2009/11/quick-post-exploit-writing-tutorials.html
- http://professionalsecuritytesters.org/article-topic-4.html
- http://crazylazy.info/blog/content/0x41-weekly-exploitation-matters-shellcode-and-frameworks
- http://pentest.cryptocity.net/exploitation/
- http://www.security-database.com/toolswatch/+-pvefindaddr-+.html
- http://devcheatsheet.com/tag/backtrack/
- http://securitybananas.com/?p=115
Report a link yourself :
(Note : Do NOT use this contact form to ask questions or to get in touch with me. Those emails will be ignored.)
If you want to get in touch with me, you can send me an email (peter[dot].ve{At)corelan {dot} be). If you have questions about any of my tools or tutorials, you can use my forum to post questions.
Linked In :
You can find more info about me and my carreer on my Linked In page : http://be.linkedin.com/in/petervaneeckhoutte