Projects

Projects

Below is an index of projects that members of the CoreLabs team have pursued. Click on any title to access more information about the project.

Title Excerpt
Core Wisdom

CORE WISDOM is a suite of tools designed for the secure auditing of...

XSS Agent

This project is about analyzing the problems underlying exploitation and...

ND2DB Attack

Within this project we research a new attack technique that allows...

Using neural networks for OS fingerprinting

The problem of remote Operating System (OS) Detection, also called OS...

Attack Payloads

Crypto and standard attack techniques can be...

Teaching Penetration Testing

We are devising lessons and tools for using in a...

SQL Agent

We introduce the SQL Agent technique and implementation, an efficient...

Public-Key Cryptography Based on Polynomial Equations

One of the challenges public-key cryptography faces is the absence of...

Gfuzz

Gfuzz is a web application fuzzing environment which combines fine-grained...

MD5 collisions

After Dr. Wang presented the MD5 collisions at Crypto '05, Gera's researched...

Exomind

The proliferation of social network services has produced an extensive...

CORE TRUSS and Secure Triggers

This project relates to a software protection framework that we designed....

CORE GRASP

CORE GRASP is a web application protection software technique designed by ...

CORE FORCE

CORE FORCE® is a free comprehensive endpoint security solution for Windows...

Bugweek

The Bugweek is a research activity wherein the security professionals in...

A Penetration Testing Research Framework

Penetration testing remains a required practice for...

BIOS rootkits

Traditionally rootkit research has focused on accomplishing...

Attack Planning

Today penetration testing is a highly manual practice, which requires an...

Attacker-centric Risk Assessment Metrics

Risk assessment can be used to measure the security posture of an...

CORETEX

Coretex is a series of programming competitions organized by Core in...

Attack Simulation

Computer systems and networks are exposed to attacks on a daily basis. IT...

Core CloudInspect

We are concerned with using the elasticity of public clouds to...

Protocol design flaws

Aside from the traditional vulnerability analysis in which we explore known...

Zombie 2.0: A web-application attack model

We analyzed the problems underlying the attack and penetration in the web...

Non-Euclidean Ring Data Scrambler (NERDS) public-key encryption

With the advent of PDAs and other constrained computing environments come...