简介：continued ramblings on software security and code auditing

原站：http://taossa.com

标签：security

“The Art of Software Security Assessment”的内容更新

累计：15 篇（自 2008-08-10 起）

更新：约4篇/年，最后更新933 天前

The Art of Software Security Assessment

BlackHat 2009 Whitepaper: Attacking Interoperability

our blackhat 2009 whitepaper is now available here. here we discuss the details of the stuff we are presenting, including the atl vulnerabilities and killbit bypass. we also discuss some vulnerability classes that are unique to interoperability layers - primarily type confusion and object retention. hope to see some of you in the talk!... (311 天前)

http://inezha.com/w/yhnprxo

The Art of Software Security Assessment

BlackHat USA 2009 - Attacking Interoperability

david dewey, ryan smith, and myself are speaking at the upcoming blackhat conference on attacking interoperability. i have written an overview of what our speech is going to contain and it is available on the iss blog here.... (311 天前)

http://inezha.com/w/0bt82xi

The Art of Software Security Assessment

An Interesting Mozilla Exploit

The Frequency X blog has a writeup on a NULL pointer dereference bug I found a while ago in Firefox. I always find these types of bugs interesting because they require such unique approaches to getting code execution. If you’re similarly inclined, you can read the post and follow the details of the exploit process yourself.... (311 天前)

http://inezha.com/w/eq0xbxf

The Art of Software Security Assessment

Browser Exploitation in Vista (PacSec 08 Speech)

Two weeks ago I spoke at PacSec on browser exploitation in Vista. Although it was based on the talk Alex and I gave at BlackHat, there was some new material in this talk and a slightly different focus. Specifically, I targeted web languages (in particularly .NET and Java), and the implications these languages have on memory corruption-style exploits. Som... (311 天前)

http://inezha.com/w/r0nujxm

The Art of Software Security Assessment

Bugs vs. Flaws

We didn’t realize that we were terrible bloggers until it was far too late to do anything about it.Effective blogging probably has many components, but I believe one of the key tactics is to state a controversial opinion that will necessarily highlight a point of conflict between two reasonably sized groups of people. (I believe you get bonus points if... (311 天前)

http://inezha.com/w/nktvyx5

The Art of Software Security Assessment

BlackHat Slides

Hi,The link for the slides did not work in the last post, so for those interested - you can get the slides here.... (311 天前)

http://inezha.com/w/9603uxs

The Art of Software Security Assessment

Impressing Girls with Vista Memory Protection Bypass

Hi there,Alex Sotirov and I are presenting at BlackHat USA today on bypassing the Windows Vista memory protections in the context of the web browser in a speech titled "How to Impress Girls with Browser Memory Protection Bypasses". Specifically, we will be discussing how rich browser functionality can be utilized to help lessen the impact of memory prot... (311 天前)

http://inezha.com/w/bmnlrw0

订阅者 ( 1 )

相关订阅源