San Francisco: +1 (415) 635 3784  |  Geneva: +41 (22) 723 2424   |  
ImmuniWeb®: Login | Register
ImmuniWeb® by High-Tech Bridge

Stay in touch

Enter your email and get the latest news and researches on cybersecurity, receive invitations to private security events and conferences.

Manipulating Memory for Fun & Profit

Wednesday, February 6, 2013 By

Author: Frederic Bourla, Chief Security Specialist, High-Tech Bridge

Memory analysis and manipulation can provide security analysts with formidable weapons. During his talk at Information Security Day for ISACA Luxembourg Chapter, Frédéric BOURLA presented most memory manipulation tricks from both offensive and defensive angles. The talk first dealt with the attacker’s layer, from pivoting attacks to IEEE1394 issues through In-Memory Fuzzing, which permits auditors to bypass built-in features, network limitations and encryption to remain able to uncover security vulnerabilities in a running application. In a second stage, the talk focused on the benefits of memory manipulation in Computer Forensics and Malware Analysis fields, especially when facing sophisticated malcode, such as kernel rootkits or heavily encrypted reverse Trojans. Basically, this talk aimed to open the doors to a fascinating world which could easily allow security analysts to save lots of time during their recurrent duties.

User Comments and Opinions