LABS
RESEARCH
At CENSUS we have a strong passion about applied security research. Results from our laboratories, cleared for public disclosure, and related presentation material are collected and made available here.
Vulnerability Discovery
- Fuzzing
- Tracing
- Vulnerabilities discovered in popular software (Advisories)
Exploit Engineering
Penetration Testing
- IDS evasion (Context-keyed Payload Encoding)
- Anti-virus evasion (Metamorphic PE Packing)
- WiFi Phishing (Process automation, Getting the most out of Evil Twin)
- Physical Security Testing (Network backdoor planting)
- Device exploitation (Airport POS exploitation)
- Enhancing Penetration Testing (through Vulnerability Research)
Proactive Defenses
Secure SDLC
- Mobile App Threat Landscape
- Secure Mobile App Development Lifecycle
- Secure Programming in C
- Integrating "malicious" technologies/techniques within the SDLC
Tools
Guides and Reports
- Kernel Debugging (FreeBSD)
- Stack canary randomization (Linux)
- Digital Forensics (with Open Source Tools)
- Rootkit Analysis (Linux Rootkit Case Study)
- Securing infrastructures (with Open Source Tools)
Other Presentations