BLOG

Packing Heat - AthCon 2012 update

AthCon 2012 is now over and what a great event that was! Our talk this year, entitled “Packing Heat!”, described ways in which PE executables can be packed to evade AntiVirus (AV) detection during penetration tests. Specifically, the talk presented a new type of packer; a packer that generates metamorphic executables. Each executable generated by this type of packer both looks different on-disk and behaves differently at runtime.

The Linux kernel memory allocators from an exploitation perspective

In anticipation of Dan Rosenberg’s talk on exploiting the Linux kernel’s SLOB memory allocator at the Infiltrate security conference and because I recently had a discussion with some friends about the different kernel memory allocators in Linux, I decided to write this quick introduction. I will present some of the allocators’ characteristics and also provide references to public work on exploitation techniques.

Performing Digital Forensics with Open Source tools

My presentation slides from this year’s FOSSCOMM security sessions are now (also) available here.

AthCon 2011 update

CENSUS has participated once again at AthCon, the leading technical IT security conference in Greece. Our work entitled “Introducing the Parasite” presented a small device that is capable of creating a physical backdoor in an otherwise protected network.