Whitepaper called Bypassing Browser Memory Protections.
Whitepaper called Evading AV Signatures - Derailing Antivirus.
Whitepaper called Binary Code Modification. Written in Turkish.
Bypassing DEP with WPM and ROP Case Study - Audio Converter by D.R. Software.
Fortify (FORTIFY_SOURCE as used with gdb) suffers from a little trick that allows for reading of arbitrary address space.
Whitepaper called Injection Techniques to Anti Bypass.
This paper documents a cross site scripting workaround for strip_tags and addslashes.
Whitepaper called Bypassing Oracle DBMS_ASSERT (in certain situations). Originally written in July of 2008 but is just being released now.
Whitepaper called Bypassing Hardware Based Data Execution Prevention (DEP) on Windows 2003 SP2.
Whitepaper called Evading network-level emulation.
Whitepaper called Bypassing Authentication with Reverse Engineering in Linux x86. Written in French.
Whitepaper called Bypassing Authentication With Buffer Overflows. Written in French.
Whitepaper called Bypassing Windows Server 2008 Password Protection.
Brief whitepaper discussing return-to-libc exploitation on Linux.
Whitepaper discussing various infection gateways.
SQL Injection - Anatomy of an Attack. Written in Portuguese.
Whitepaper discussing an ASLR bypassing methodology on the Linux 2.6.17/20 kernel.
Whitepaper discussing Sybase SQL injection and bypassing mod_security. Written in German.
This short technical briefing describes a technique using Tcl to create a backdoor within IOS that would allow a remote attacker to execute privileged commands on a networking device.
Whitepaper discussing uncommon SQL injection attacks.
Anti Forensics: Making Computer Forensics Hard.
It has been more than a year since Michael Lynn first demonstrated a reliable code execution exploit on Cisco IOS at Black Hat 2005. Although his presentation received a lot of media coverage in the security community, very little is known about the attack and the technical details surrounding the IOS check_heaps() vulnerability. This paper is a result of research carried out by IRM to analyze and understand the check_heaps() attack and its impact on similar embedded devices.
Cross site scripting filtration bypass.
Paper describing how to reuse dumped portmapper data on one machine in order to still make use of RPC services on a remote machine without portmapper being exposed.
This document is a technical abstract of the paper "Win32/Bypass: Anulando la deteccion de ficheros". The main objective is to explain techniques used to bypass the security measures of many antivirus programs.