White Papers and Presentations
Passive Information Gathering
The aim of this paper is to present the P.I.G. software, a private tool developed by High-Tech Bridge to optimize the information gathering phase during penetration tests. This paper contains only limited technical information, in order to provide a global view of the software implementation, which may be useful to people wishing to automate such a process.
August 16, 2011
Userland Hooking in Windows
This document is the first of a series of five articles relating to the art of hooking. As a test environment, we will use an English Windows Seven SP1 operating system distribution.
August 4, 2011
Defeating Data Execution Prevention and ASLR in Windows
Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR) are two protection mechanisms integrated into the Windows operating system to make exploiting software more difficult. This document shows how these two features can be bypassed using different techniques.
June 27, 2011
Structured Exception Handler Exploitation
The SEH exploitation technique was publicly documented by David Litchfield in September of 2003. At a high level, the SEH overwrite technique uses a software vulnerability to execute arbitrary code by abusing the 32-bit exception dispatching facilities provided by Windows. At a functional level, an SEH overwrite is generally accomplished by using a stack-based buffer overflow. This document explains SEH in detail while exploiting a real case.
June 15, 2011
Fake Malware and Virus Scanners
Rogue security software reports a virus infection even if your computer is clean. This kind of "software" could also fail to report viruses when your computer is infected. This document shows the mechanisms used to obfuscate this process.
May 20, 2011
Become fully aware of the potential dangers of ActiveX attacks
Exploiting vulnerabilities in ActiveX components on Windows has become a favored method of attackers aiming to compromise specific computers. Such targeted attacks have increasingly become a threat to companies and government agencies. This talk will explain this kind of attack and show how such a flaw can be discovered while going through its exploitation.
May 12, 2011
Client-side threats - Anatomy of Reverse Trojan attacks
Client-side vulnerabilities are among the biggest threats facing users. Attackers are going after weaknesses in desktop applications such as browsers, media players, common office applications and e-mail clients to install malicious software, often Trojan horses and rootkits. This document explains these threats in detail and how to prevent them.
December 2, 2010