[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <A641CEADDBAEAE4C96FC5BF8546952680139E348@av-mail01.corp.int-eeye.com>
Date: Tue, 1 Aug 2006 15:48:42 -0700
From: "Marc Maiffret" <mmaiffret@...e.com>
To: <full-disclosure@...ts.grok.org.uk>
Subject: EEYE: research.eeye.com
Hi,
I am happy to announce to the first incarnation of
http://research.eEye.com. On this site you can find everything from our
previously released advisories to our previously unreleased research
tools. A lot of these tools are seeing daylight for the first time
outside of eEye so we do expect there to be bugs we have not noticed
before. We definitely encourage your feedback. You can provide such
feedback directly to research via skunkworks@...e.com.
Besides the new site, which will continue to be updated, we are also
releasing a few new tools today:
eEye Binary Diffing Suite
You can probably guess what this is... It is a new set of free tools we
are releasing that can be used to perform binary differential analysis.
This is obviously very useful in doing patch reverse engineering and
related tasks. There are still some bugs to be worked out so expect some
more updates over time not only in bug fixes but also as we expand its
capabilities as far as function matching etc... We have released this as
open source so feel free to send email feedback or questions, and if you
so chose, improvements.
Duster
Duster is the Dead/Uninitialized Stack Eraser, an injectable DLL that
causes uninitialized stack and heap memory in its host process to be
wiped over with a specific value. It is intended as a crude tool to
assist in the run-time discovery of uninitialized memory usage problems
by increasing the chances that the host process will raise an exception
when a value in uninitialized memory is used. The Duster DLL activates
automatically upon being loaded into a process. Windows NT
4.0/2000/XP/2003 only.
We also have done some updates to some classics including BootRoot with
the release of the SysRQ.iso so you can subvert the Windows kernel as it
loads and spawn a nice SYSTEM command prompt, equally useful for system
administrators who forget their password etc... We also have posted the
presentation for PiXiE which is a proof-of-concept network boot virus,
for those of you moving to thin clients, you might want to double check
the security of said systems.
And there is of course "the blog" with which we finally have joined the
masses of teenagers and security researchers alike who want to tell you
about every waking moment of their lives. Ours should be a repetitive
mix of 0day, Tequila and of course as you would expect, security rap
lyrics.
Lastly while speaking of blogging I am sure there will be some
interesting things to "blog about" at this years Blackhat in Vegas.
We hope to see all of you out there, and for those that can not make it,
see you next Tuesday!
Signed,
Marc Maiffret
Founder/CTO
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9329
http://eEye.com/Blink - End-Point Vulnerability Prevention
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists