iSecPartners has released on GitHub a “cheat-sheet” for auditing high-value applications. It’s well worth a read. This list is intended to be a list of additional or more technical things to look for when auditing extremely high value applications. The applications may involve operational security for involved actors (such as law enforcement research), extremely valuable […]
Trail of Bits is offering a free online CTF and penetration testing course. Lots of great material from a well-respected organization.
Chromium engineers have provided excellent clarification on compatibility issues between Google Chrome v35+ and EMET 4.1. The specific issue we have encountered with Chromium compiled using VS 2013 relates to tail-call optimizations in wrapper functions for Windows APIs. By using jmp to enter the Windows API call from the wrapper, the Visual Studio compiler avoids […]
I read an informative IBM article about data alignment and its importance when developing native code. Data alignment is an important issue for all programmers who directly use memory. Data alignment affects how well your software performs, and even if your software runs at all. As this article illustrates, understanding the nature of alignment can also […]
http://www.microsoftvirtualacademy.com/m/tracks/utilizing-sysinternals-tools-for-it-pros Microsoft Premier Field Engineers step through a technical deep dive on utilizing SysInternals tools. This course focuses on key administrative and diagnostic utilities and addresses key insights and best practices.
Some very cool Python to perform in-process patching and trampolines to hook Windows APIs. http://www.rohitab.com/discuss/topic/37018-api-hooking-in-python/
UPDATED: 5/30/2013 to cover same flaw in EnSc.exe. There is a reason that the RunAs program doesn’t accept credentials on the command line…because people would embed passwords. Microsoft developer Raymond Chen writes: If this offends you and you want to be insecure and pass the password on the command line anyway (for everyone to see […]