Information Security Resources

CoreLabs Information Security Publications

Below is an index of publications, presentations and papers authored by members of the CoreLabs research team. Click on any title to get more information and access the publication on the CoreLabs extranet site

Title Authors Publication Date Venue / Publication
Four different tricks to bypass StackShield and StackGuard protection Gerardo Richarte, April 24, 2002 04/24/02 Corelabs Technical Report
State of the Art Security from an Attacker's Viewpoint Ivan Arce and Gerardo Richarte 11/05/03 PacSec Conference, Tokyo, Japan, November 6, 2003.
Virtualization in software development and QA Marcelo Picorelli 01/01/06 VMworld `06
Modern Intrusion Practices Gerardo Richarte 07/30/03 Black Hat Briefings 2003, Las Vegas, July 30-31, 2003.
The Rise of the Gadgets Iván Arce 10/01/03 IEEE Security and Privacy, vol. 1, no. 5, pp. 78-81, Sept-Oct. 2003
Core Impact: Penetration Test Automation Iván Arce 08/01/01 White paper
Bug Hunting: The Seven Ways of the Security Samurai Iván Arce 04/01/02 IEEE Computer Magazine, Security and Privacy supplement, April 2002, pp. 11-15
Why Attacking Systems Is a Good Idea Iván Arce, Gary Mcgraw 07/01/04 IEEE Computer Society - Security & Privacy Magazine, Vol. 2, No. 4.
MD5 to be considered harmful today Gerardo Richarte 11/15/05 PacSec'05 Conference, Tokyo, Japan.
Land of the blind Iván Arce 07/01/05 IEEE Computer Society - Security & Privacy Magazine, Vol. 3, No. 4.
Tendencias de ataque en seguridad informática Iván Arce 10/03/05 2005 FIRST Technical Colloquium, Buenos Aires, Argentina
The ND2DB attack: Database content extraction using timing attacks on the indexing algorithms Ariel Futoransky, Damian Saura, and Ariel Waissbein. 08/13/07 First Workshop on Offensive Technologies (WOOT `07)
Analyzing OS fingerprints using Neural Networks and Statistical Machinery Javier Burroni and Carlos Sarraute 02/20/06 EUSecWest, London
Strong payload obfuscation and encryption Ariel Waissbein 12/01/06 PacSec Conference
Security vulnerabilities, exploits and attack patterns: 15 years of art, pseudo-science, fun & profit Iván Arce 07/31/07 15th USENIX Security Symposium, July 31st –August 4th 2006, Vancouver, B.C. Canada