www-corelan-be

HITB2014AMS – Interview with Katie Moussouris

Published May 29, 2014 |

Hi all, I had the pleasure to meet with Katie Moussouris after her keynote at Hack In The Box. After the announcement that she has left Microsoft and now serves as Chief Policy Offer (CPO) at HackerOne. I wanted to ask her 2 questions about this new step in her carreer: Peter: Why HackerOne? Katie: […]

Posted in Uncategorized | Tagged amazon, bug bounty, corelan, corelan team, corelan-be, corelan-coder, corelean-software-exploit, corelean-team, corellan-be, crelan-be, hackerone, hitb2014ams, httpswww-corelan-be, httpswww-part-box-com, httpsyandex-ruclckjsredirfromyandex-rusearchweb, katie moussouris, platform, vcorelan, vulnerability disclosure, www-corelan-be

Jingle BOFs, Jingle ROPs, Sploiting all the things… with Mona v2 !!

Published December 31, 2012 |

By Peter Van Eeckhoutte (corelanc0d3r)

Ho Ho Ho friends, It has been a while since we posted something on the Corelan Team blog, I guess we all have been busy doing … stuff and things, here and there. Nevertheless, as the year is close to filling up 100%, it’s probably a good time to start thinking about finding some convincing […]

Posted in Development, Exploit Writing Tutorials, Exploits, My Free Tools, Scripts | Tagged debugger, exploit, extension, immunity, immunity debugger, jingle-bofs, mona, mona-albertini, mona-py-2-windbg, mona-windbg, mona.py, new year, plugin, present, pycommand, pykd, python, windbg, windbg-mona-py, www-corelan-be

HITB2012AMS Day 2 – Taint Analysis

Published May 25, 2012 |

By Peter Van Eeckhoutte (corelanc0d3r)

Automatically Searching for Vulnerabilities: How to use Taint Analysis to find Security Flaws (by Alex Bazhanyuk (not present) and Nikita Tarakanov, Reverse Engineers, CISS) Nikita explains they have been working on reversing binaries and auditing source code for a long time. Alex currently works on the BitBlaze work, and moved to the US to […]

Posted in Cons and Seminars | Tagged alex bazhanyuk, bitblaze, bitblaze-ida-pro, dangerousfunctions-ida, fuzzing, hooking, ida pro, ida-plugin-taint, kernel, nikita tarakanov, qemu, reverse engineering, sasv-taint-analysis, taint analysis, tainted-path-analyse-security, temu, tracing, vine, vulnerability, www-corelan-be

Debugging Fun – Putting a process to sleep()

Published February 29, 2012 |

By Corelan Team (Lincoln)

Recently I played with an older CVE (CVE-2008-0532, http://www.securityfocus.com/archive/1/489463, by FX) and I was having trouble debugging the CGI executable where the vulnerable function was located.
Continue reading →

Posted in 001_Security, Exploit Writing Tutorials, Malware and Reversing, Uncategorized | Tagged cgi, corelan, corelan team, cve-2008-0532, debugger, entrypoint, f, function, fx, hook, immunity, isdebuggerpresent, jit, just in time, loop, pefile, python, rva, sleep, www-corelan-be

Corelan Cybersecurity Research

:: Knowledge is not an object, it's a flow ::

HITB2014AMS – Interview with Katie Moussouris

Jingle BOFs, Jingle ROPs, Sploiting all the things… with Mona v2 !!

HITB2012AMS Day 2 – Taint Analysis

Debugging Fun – Putting a process to sleep()

Corelan Training

Donate

Corelan Team Merchandise

Corelan on Slack

Actions

Categories

Hi there!

We have good news for you!