{ Category Archives } papers

Black Hat USA 2013, Bochspwn, slides and pointers

(Collaborative post by Mateusz “j00ru” Jurczyk and Gynvael Coldwind) Two weeks ago (we’re running late, sorry!) Gynvael and I had the pleasure to attend one of the largest, most technical and renowned conferences in existence – Black Hat 2013 in Las Vegas, USA. The event definitely stood up to our expectations – the city was purely […]

Approaching BlackHat US 2013 and new Dragon Sector blog

This is a quick reminder that Gynvael and I are going to attend BlackHat US 2013 in Las Vegas next week with the “Bochspwn: Identifying 0-days via System-Wide Memory Access Pattern Analysis” presentation on the second day of the event. The talk is going to largely extend our previous performance at SyScan this year (see […]

NoSuchCon’13 and crashing Windows with two instructions

The first edition of the NoSuchCon security conference held in Paris ended just a few days ago. Before anything else, I would like to thank all of the organizers (proudly listed at nosuchcon.org) for making the event such a blast! Both the location, venue and speaker line-up were amazing, with lots of free beer and […]

SyScan 2013, Bochspwn paper and slides

(Collaborative post by Mateusz “j00ru” Jurczyk and Gynvael Coldwind) A few days ago we (Gynvael and I) gave a talk during the SyScan’13 conference in the fine city of Singapore, and as promised (though with a slight delay), today we are publishing both the slide deck and a white paper discussing memory access pattern analysis […]

Fun facts: Windows kernel and guard pages

It has been a while since I last posted here, so I guess it’s high time to get back to work and share some more interesting Windows kernel internals goodies. Before we get to that, however, let’s start with a few announcements. First of all, there are a number of great infosec conferences coming up […]

ZeroNights slides, Hack In The Box Magazine #9 and other news

First of all, it has been reported to me that the system call list for Microsoft Windows Vista SP0 available at http://j00ru.vexillium.org/ntapi was wrong, containing syscall numbers for beta2 version of the system instead of the actual RTM Service Pack 0. The issue has already been resolved – apologies for any confusion this might have […]

CVE-2011-2018 exploitation as a standalone paper + other news

Hey guys, I figured that it might be worth releasing the “The story of CVE-2011-2018 exploitation” as a stand-alone, nicely formatted paper for your reading convenience. It was previously released in the Hack in The Box Magazine #8 over a month ago (see announcement blog post). In short words, the paper is a guide through […]

Hack in the Box Magazine #8 available now

Every one or two quarters, there’s the one day we all wait for – and that’s when the latest issue of the Hack in the Box Magazine is released :-) Thanks to the hard and awesome work of Zarul Shahrin and the entire editorial crew, we are very excited to announce that the eighth edition […]

A Bug Hunter’s Diary review

Title: A Bug Hunter’s Diary. A Guided Tour Through the Wilds of Software Security.
Author: Tobias Klein
ISBN: 978-1-59327-385-9
Published: November 2011
Websites: http://nostarch.com/bughunter.htm, http://www.trapkit.de/books/bhd/en.html

In the modern times of noisy news headlines like “A Security Researcher Unveils a Critical Vulnerability in Product X”, little is publicly said about the overall bug hunting process, in lieu of discussions regarding […]

FYI: Printable “Windows Kernel Address Protection” paper out

That’s just a short notification that I decided to release the Windows Security Hardening Through Kernel Address Protection article published in Hack in the Box Magazine #7 over a month ago (see HITB #7 on the wild, at last). The paper is now available in a nicely formatted, printer-friendly format. If you missed it then, […]