789 matches found
Immunity Debugger v1.82 latest version download !
"Immunity Debugger is a powerful new way to write exploits, analyze malware, and reverse engineer binary files. It builds on a solid user interface with function graphing, the industry's first heap analysis tool built specifically for heap creatio...
Reverse Engineering of Proprietary Protocols, Tools and Techniques !
This talk is about reverse engineering a proprietary network protocol, and then creating my own implementation. The talk will cover the tools used to take binary data apart, capture the data, and techniques I use for decoding...
Security Event : Recon 2011 Conference !
WHAT: RECON is a computer security conference held annually in Montreal, Canada. It offers a single track of presentations over the span of three days with a focus on reverse engineering and advanced exploitation techniques. The registration fee includes an...
Google buy Reverse Engineering Company Zynamics (German security firm) !
Google has just acquired a small German software company called Zynamics. The company, which was founded in 2004, focuses on reverse engineering — that is, analyzing software, malware in particular, for which no source code is available. It's an incredibly interesting and complicated problem to try...
Google Buys Security Firm Zynamics
Google has acquired a small German security start-up called Zynamics, which is well-known in the security industry for its reverse-engineering and analysis tools. Zynamics announced the deal on its corporate blog on Tuesday, saying little other than that the company had been acquired by Google. T...
VERA v0.3 - Visualizing Executables for Reversing and Analysis tool !
"VERA is a Visualizing Executables for Reversing and Analysis tool. It is a tool for reverse engineering Windows executables. It is used in conjunction with the Ether framework to generate visualizations to help with the RE process." This is the official change log: Added processing of trace file...
The Blackbuntu Community Edition Download !
The Blackbuntu Community Edition is a Linux Live-CD based on Ubuntu 10.10 which was specially designed for security training students and practitioners of information security. It is another tool collection for penetration testers that could be considered a competitor to Pentoo. It supports the...
Exploit Kits Employing Obfuscation to Prevent Analysis
The creators of the Phoenix exploit kit have begun using obfuscation and other techniques to prevent security researchers and others from reverse-engineering the installation process for the kit, adopting a tactic that has become increasingly popular among attackers recently. The Phoenix exploit...
Security Firms Scramble For SCADA Talent After Stuxnet
Three months after the world first learned of the sophisticated Stuxnet worm, insiders say that there’s a scramble to find and hire engineers with knowledge of both security and the industrial control systems that were Stuxnet’s intended target. Anti virus companies admit their research teams wer...
New Linux OS REMnux Designed For Reverse Engineering Malware
A security expert has released a stripped-down Ubuntu distribution designed specifically for reverse-engineering malware. The OS, called REMnux, includes a slew of popular malware-analysis, network monitoring and memory forensics tools that comprise a very powerful environment for taking apart...
SeaMonkey < 2.0.5 Multiple Vulnerabilities
Binary data 5581.prm...
SeaMonkey < 2.0.5 Multiple Vulnerabilities
Binary data 800874.prm...
Firefox < 3.5.10 Multiple Vulnerabilities
Binary data 800758.prm...
Introduction to Malware Analysis
In this video, Lenny Zeltser, a SANS instructor, outlines the basic concepts of reverse engineering malware, describing the process of analyzing the code and the behavior of the malware...
SIDVault 2.0e - Windows Remote Buffer Overflow
!/usr/bin/python $ ./sidvault.py 192.168.1.131 SIDVault 2.0e Windows Remote Buffer Overflow Written by blake Tested on Windows XP SP3 + Sending payload + Check port 4444 for shell $ nc 192.168.1.131 4444 Microsoft Windows XP Version 5.1.2600 C Copyright 1985-2001 Microsoft Corp. C:\WINDOWS\system...
32bit FTP (09.04.24) - CWD Response Universal Overwrite (SEH)
#!/usr/bin/python Bug : 32bit FTP 09.04.24 CWD Response Universal Seh Overwrite Exploit Refer : http://www.milw0rm.com/exploits/8611 Tested on : Xp sp3 ENVB Exploited by :...
Ken "Skywing" Johnson joins Microsoft security team
Microsoft has hired yet another well-known security researcher to join its ever-growing team of exploit and defense experts. This time it’s Ken Johnson, known in the hacker world as Skywing. Johnson is known as an expert on debugging and reverse engineering, and has done a tremendous amount of wo...
Design/Logic Flaw
Geert Moernaut LSrunasE and Supercrypt use an encryption key composed of an SHA1 hash of a fixed string embedded in the executable file, which makes it easier for local users to obtain this key without reverse engineering...
Insecure Use of RC4 in LSrunasE and Supercrypt (CVE-2007-6340)
COMPASS SECURITY ADVISORY http://www.csnc.ch/ Product: LSrunasE, Supercrypt Vendor: Geert Moernaut Type: Flawed Encryption Risk: Medium Author: Daniel Roethlisberger Date: 2008-01-29 CVE Name: CVE-2007-6340 Introduction: LSrunasE 1 and Supercrypt 2 are utilities used to run commands...
Windows 9x/NT/2k/XP Reverse Generic Shellcode w/o Loader 249 bytes
No description provided by source. We use the PEB for the Output/Input/Error Handles. typedef struct _PEB { BOOLEAN InheritedAddressSpace; BOOLEAN ReadImageFileExecOptions; BOOLEAN BeingDebugged; BOOLEAN Spare; HANDLE Mutant; PVOID ImageBaseAddress; PPEB_LDR_DATA LoaderData; PRTL_USER_PROCESS...