HITB LAB TITLE: White Hat Shellcode: Not for Exploits
HITB LAB ABSTRACT:
In this hands on lab session, we will present shellcode designed to protect systems instead of attacking systems. Some examples:
- shellcode to unload a DLL
- shellcode to enable DEP
- shellcode to patch a vulnerability
- shellcode to prevent heap sprays (from my HeapLocker tool)
Participants to this 120 minute lab session are encouraged to come equipped with a virtual Windows XP machine. All other tools will we provided during the session. Curious to know more? Here’s a video of one of the exercises: http://blog.didierstevens.com/2011/11/08/white-hat-shellcode-workshop-enforcing-permanent-dep/ See you in May!
ABOUT DIDIER STEVENS
Didier Stevens (Microsoft MVP Consumer Security, CISSP, GSSP-C, CCNA Security, MCSD .NET, MCSE/Security, RHCT, OSWP) is an IT Security Consultant currently working at a large Belgian financial corporation. He is employed by Contraste Europe NV, an IT Consulting Services company (http://www.contraste.com). You can find his open source security tools on his IT security related blog at http://blog.DidierStevens.com
Posts
![SQL Injection Basics - Union Based [Detailed Tutorial]](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjjQpa2wuMB-m5CXPVf71GUOkfiIOQA8KTyQ-_zfAl0SZa23UBN1QJaO2ZMGRDZlmDJTYf2jJ4ik3Xnj1locc38Yv9l6VMxTWt32s86JtXtLABDn20DRuAcbLPKMb9m2hc6PDmjIjvU-us/s72-c/SQL-Injection-Attack.jpg)
No comments:
Post a Comment