The Latest in IT Security

Posts Tagged ‘dll’

Add Bottom Up Randomization To (Your Own) Source Code

30
Sep
2011

EMET’s new Bottom Up Randomization spectacularly increased the entropy of DLL’s base addresses loaded into my test program. Instead of 15 different addresses, I had more than 200.Matt Miller told me how he implemented Bottom Up Randomization: “It works by reserving a random number (between [0,256]) of 64K regions via VirtualAlloc. This has the effect […]

Category Security Written by Didier Stevens 0 Comments

Read more ...

simple-shellcode-generator.py

23
Sep
2011

To help the attendees of my Brucon White Hat Shellcode workshop, I wrote a new program to generate simple shellcode. I’m releasing it now. People regularly ask me for malware so they can test their security setup. First, that’s a bad idea, and second, you can do without. Why is using malware a bad idea? […]

Category Security Written by Didier Stevens 0 Comments

Read more ...

Force “ASLR” on Shell Extensions

10
Aug
2011

I’ve written about Shell Extension without ASLR support before. Not only do they open up explorer.exe to ROP attacks, but other applications too, like Adobe Reader and Microsoft Office. You could use EMET to force ASLR on these DLLs, assuming you know which applications load shell extensions. Because shell extensions are not only loaded into […]

Category Security Written by Didier Stevens 0 Comments

Read more ...

« Older Entries
Newer Entries »

Categories

FRIDAY, MARCH 14, 2025
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments