CoreLabs Information Security Publications

Below is an index of publications, presentations and papers authored by members of the CoreLabs research team. Click on any title to get more information and access the publication on the CoreLabs extranet site.

Title Venue / Publication Publication Date
Modifying Windows NT Logon Credential Corelabs Technical Report
Deactivate the Rootkit Black Hat USA 2009
Core Impact: Penetration Test Automation White paper
Four different tricks to bypass StackShield and StackGuard protection Corelabs Technical Report
About Exploits Writing, Gerardo Richarte G-CON 1, ITESM Campus Estado de Mexico, Mexico
Pass-the-Hash Toolkit for Windows HITB SECONF 2008 and Buenos Aires Conference (Ba-Con '08)
Killing the myth of Cisco IOS rootkits:DIK (DA IOS ROOTKIT) EuSecWest 2008, May 21-22. London, UK
A Penetration Testing Learning Kit Troopers08, April 23-24, 2008. Munich, Germany
Dynamic Binary Instrumentation Frameworks: I know youre there spying on me REcon 2012 Conference
An attack on CRC-32 integrity checks of encrypted channels using CBC and CFB modes Corelabs Technical Report
Deep-dive into SAP archive file formats Troopers
Persistent BIOS Infection CanSecWest Vancouver, BC, Canada
Foundations and applications for secure triggers ACM Transactions on Information and System Security (TISSEC)
One firmware to monitor em all - HackLu 2012 Hack.Lu 2012
Anécdotas de seguridad Congreso Nacional de Estudiantes de Ingenieria en Sistemas de Informacion (CNEISI) 2012
Deep Boot Ekoparty
HoneySAP: Who really wants your money Troopers
Code injection in virtual machines Ekoparty '08
WPA Migration Mode: WEP is back to haunt you... BlackHat 2010 USA
Advanced Software Protection Now CoreLabs Technical Report (arXiv:1006.2356)
Agafi (Advanced Gadget Finder) Ekoparty
New SMB and DCERPC features in Impacket v0.9.6.0 Corelabs Technical Report
One firmware to monitor em all - EkoParty 2012 Ekoparty 2012
Password Security Policies - Lessons Learned from Recent Password Leaks OWASP AppSec Latam 2012
The impact of predicting attacker tools in security risk assessments 6th Annual Cyber Security and Information Intelligence Research Workshop - Oak Ridge National Laboratory