CoreLabs Information Security Projects

Below is an index of projects that members of the CoreLabs team have pursued. Click on any title to access more information about the project.

Titlesort ascending Excerpt
Zombie 2.0: A web-application attack model

We analyzed the problems underlying the attack and penetration in the web...

XSS Agent

This project is about analyzing the problems underlying exploitation and...

Using neural networks for OS fingerprinting

The problem of remote Operating System (OS) Detection, also called OS...

Teaching Penetration Testing

We are devising lessons and tools for using in a...

SQL Agent

We introduce the SQL Agent technique and implementation, an efficient...

Public-Key Cryptography Based on Polynomial Equations

Research on the application of symbolic elimination techniques for breaking...

Protocol design flaws

Aside from the traditional vulnerability analysis in which we explore known...

Non-Euclidean Ring Data Scrambler (NERDS) public-key encryption

With the advent of PDAs and other constrained computing environments come...

ND2DB Attack

Within this project we research a new attack technique that allows...

MD5 collisions

After Dr. Wang presented the MD5 collisions at Crypto '05, Gera's...

Gfuzz

Gfuzz is a web application fuzzing environment which combines fine-grained...

Exomind

The proliferation of social network services has produced an extensive...

CORETEX

Coretex is a series of programming competitions organized by Core in...

Core Wisdom

CORE WISDOM is a suite of tools designed for the secure auditing of...

CORE TRUSS and Secure Triggers

This project relates to a software protection framework that we designed....

CORE GRASP

CORE GRASP is a web application protection software technique designed by ...

CORE FORCE

CORE FORCE® is a free comprehensive endpoint security solution for Windows...

Core CloudInspect

We are concerned with using the elasticity of public clouds to...

Bugweek

The Bugweek is a research activity wherein the security professionals in...

BIOS rootkits

Traditionally rootkit research has focused on accomplishing...

Attacker-centric Risk Assessment Metrics

Risk assessment can be used to measure the security posture of an...

Attack Simulation

Computer systems and networks are exposed to attacks on a daily basis. IT...

Attack Planning

Today penetration testing is a highly manual practice, which requires an...

Attack Payloads

Crypto and standard attack techniques can be...

A Penetration Testing Research Framework

Penetration testing remains a required practice for...