Palo Alto Networks

exploitation

Exploitation Demystified, Part 3: Heap-Based Exploits

In my previous blog post in the Exploitation Demystified series, we learned how memory corruption exploits are implemented using stack-based overflow vulnerabilities. Let’s talk now about a main alternative path: heap-based vulnerabilities.

An operating system (OS) allocates memory to a computer program, with respect to the size of the data this program consumes, which is either known bef...

Cybersecurity

Apr 13, 2016

By Palo Alto Networks

Palo Alto Networks

Products and Services

Partners

Cybersecurity

Exploitation Demystified, Part 2: Overwrite and Redirect

In Part 1 of this series, we laid the foundation of memory corruption exploitation and presented the basic exploitation framework:

Dec 01, 2015

By Palo Alto Networks

Cybersecurity

Exploitation Demystified: Why, What and How, Part 1

Exploits have been the major enabler of advanced persistent threats for over a decade now, but it is only in the recent years that the term has become widely used and acknowledged as a main attack vector.

Nov 02, 2015

By Palo Alto Networks

Events

REcon Recap: Here's What Caught My Eye

A few weeks ago I was fortunate enough to attend REcon in Montreal, Canada. This conference focuses on reverse engineering and exploitation techniques and has been going on for roughly a decade. In this post, I’ll recap some of the presentations witnessed during the con...

Jul 02, 2015

By Josh Grunzweig

Endpoint, Malware, Unit 42

Google Chrome Exploitation – A Case Study

In this write-up, we will present several techniques used in exploiting a vulnerability in Google Chrome, and the various difficulties presented by its security mechanisms and considerations. We also offer some...

Dec 14, 2014

By Palo Alto Networks

Load more blogs