S3lab Team
Posted in News
We just found a new package in the repository that seems quite interesting. It has no dependencies and the benefits of installing it seem quite interesting. Reviewing the code, we have detected that it has a timeout that will be…
Oscar Llorente
Posted in Articles
In the previous post we talked about the possibilities to implement programs and carry out all kinds of tasks such as profiling or vulnerability detection. We also introduced Intel Pin, a dynamic binary instrumentation tool (mainly for IA32 and x86_64),…
A few years ago, one of the most common attacks was to take advantage of a memory corruption error such as a buffer overflow to inject code (usually shellcode) and divert the flow of control to that code. However, with…
It is possible to access any content through a different network than the one we initially encountered. With a simple example, if we were initially in Spain, we could access a certain web page as if we were really in…
Oscar Llorente
Posted in Articles
Many of the methods of software testing and dynamic analysis of programs (not necessarily related to security) require inserting some additional instructions in the text of the program to obtain added information, that is, to instrument the program. For example,…
Currently a large number of mobile applications are simple front ends of their corresponding web APIs. Although this is not a danger in itself, it brings with it a very important implication regarding the validation process of data entry: The…
Our sandbox for packers
