Request Demo Why Application Security
Search Blog
#infosec #OWASP
#Risk Management #microservices
#Application Security #Cybersecurity #AI #DevSecOps
Security Blog
Five Cybersecurity and Cybercrime Predictions for 2019 by Ilia Kolochenko
December 13, 2018
Voting Websites Security Incidents and Breaches in 2018
December 11, 2018
Barry Cook on Privacy, AI and GDPR Enforcement
December 6, 2018
Top 10 Most Disastrous Cryptocurrency Breaches in 2018
December 4, 2018
Top 10 Mobile Breaches and Incidents of 2018
November 27, 2018
News and press releases
Paul Wang joins High-Tech Bridge’s Advisory Board
November 1, 2018
High-Tech Bridge to Leverage AI and Big Data to Map Application Security Risks and Threats
October 24, 2018
High-Tech Bridge to Uberize AI for Application Security Testing
October 17, 2018
High-Tech Bridge joins the British-Swiss Chamber of Commerce
July 17, 2018
High-Tech Bridge launches VAR partnership program for ImmuniWeb® AI
June 13, 2018
OWASP Top 10
OWASP’s #1 Web Application Risk - the Threat of and Solution to Web Application Injection Attacks
June 14, 2018
OWASP’s #2 Web Application Risk – the Threat of and Solution to Broken Authentication
June 21, 2018
OWASP’s #3 Web Application Risk – the Threat of and Solution to Sensitive Data Exposure
June 28, 2018
XML External Entities (XXE): the Threat of and Solution
July 5, 2018
OWASP Top 10: Broken Access Control, the risks and solutions
July 12, 2018
Security Misconfiguration, a conscious element of OWASP Top 10, the risks and solutions
July 19, 2018
XSS, a notable OWASP Top 10 old-timer, still brings up to $7,500 to researchers
July 26, 2018
Insecure Deserialization: OWASP Top 10 element of arduous exploitation but leading to system takeover
August 2, 2018
Components with Known Vulnerabilities - a major OWASP Top 10 Risk
August 21, 2018
Last but not least: OWASP Top Ten #10 - Insufficient Logging and Monitoring
August 14, 2018
Stay in touch

Application security insights and invitations to exclusive events in your inbox


Your data will stay confidential Private and Confidential

Defeating Data Execution Prevention and ASLR in Windows

Monday, June 27, 2011 By

Data prevention Execution (DEP) and Address space layout randomization (ASLR) are two protection mechanisms integrated in Windows operating system to make more complicated the task of exploiting software. This document show how these two features can be bypassed using different techniques.


Author: Brian Mariani, Senior Security Auditor at High-Tech Bridge SA


Data prevention Execution (DEP) and Address space layout randomization (ASLR) are two protection mechanisms integrated in Windows operating system to make more complicated the task of exploiting software. This document show how these two features can be bypassed using different techniques.


Tags: ASLR DEP Windows
Previous Blog Posts:
Structured Exception Handler Exploitation Fake Malware and Virus Scanners

User Comments
Add Comment

Free Application Discovery
Learn More
Technology
ImmuniWeb® AI
Request Demo
Products
ImmuniWeb® AI
Buy Now
Demo
High-Tech Bridge on Facebook High-Tech Bridge on Twitter High-Tech Bridge on LinkedIn High-Tech Bridge RSS Feeds Send by Email
Share

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

Accept
Let's Talk
We are here to help _
Your business location: United States - English
Call us

We are here during standard business hours

+41 (22) 723 24 24 - Switzerland
+1 (415) 659 18 61 - US
Email us

We will back to your in one business day

Send us your question