CoreLabs Information Security Projects

Below is an index of projects that members of the CoreLabs team have pursued. Click on any title to access more information about the project on the CoreLabs extranet site.

Title Excerptsort ascending
Teaching Penetration Testing

Tools for teaching students how to think like attackers, create realistic...

Attacker-centric Risk Assessment Metrics

Techniques and prototypes for calculating security metrics from an attacker...

BIOS rootkits

Studies on rootkit creation and design

Zombie 2.0: A web-application attack model

Solutions to the payload engineering problem in web application attack...

MD5 collisions

Research that invalidates MD5 checksums, one of the preferred methods for...

Public-Key Cryptography Based on Polynomial Equations

Research on the application of symbolic elimination techniques for breaking...

Attack Planning

Research on modeling penetration testing techniques by translating...

Protocol design flaws -

Research on finding design flaws in protocols and deployed systems

SQL Agent

Exploits SQL injection vulnerabilities and enables the user to conduct post...

Attack Payloads

Crypto and standard attack techniques can be combined with payload...

XSS Agent

Analyzes the problems underlying exploitation and post-exploitation of...

CORE GRASP

An open-source web application security software that protects against...

CORE TRUSS and Secure Triggers

An obfuscation-based software protection solution

Gfuzz

An instrumented Web application fuzzing environment

Bugweek

An initiative to discover and document security vulnerabilities in commonly...