BLOG

Black Hat USA 2012 update

This year we have presented our jemalloc exploitation research work at Black Hat USA 2012, the leading information security conference. Our researchers Patroklos Argyroudis and Chariton Karamitas visited Caesar’s Palace at Las Vegas, Nevada and delivered the talk.

Packing Heat - AthCon 2012 update

AthCon 2012 is now over and what a great event that was! Our talk this year, entitled “Packing Heat!”, described ways in which PE executables can be packed to evade AntiVirus (AV) detection during penetration tests. Specifically, the talk presented a new type of packer; a packer that generates metamorphic executables. Each executable generated by this type of packer both looks different on-disk and behaves differently at runtime.

The Linux kernel memory allocators from an exploitation perspective

In anticipation of Dan Rosenberg’s talk on exploiting the Linux kernel’s SLOB memory allocator at the Infiltrate security conference and because I recently had a discussion with some friends about the different kernel memory allocators in Linux, I decided to write this quick introduction. I will present some of the allocators’ characteristics and also provide references to public work on exploitation techniques.

Performing Digital Forensics with Open Source tools

My presentation slides from this year’s FOSSCOMM security sessions are now (also) available here.