Code-reuse attacks for the Web via #CCS17

Cross-site scripting (XSS) vulnerabilities are a fairly recurrent problem on the web even though they were publicly documented in 2000. These attacks allow a malicious actor completely alien to a given web page to inject and execute code not authorized by

Turning off server room coolers

Here comes that precious moment of the year when the temperature usually has a single digit (in Celsius, obviously). People tend to think that this is a negative thing, but here we have always been very positive people.

Everything started with the USB of that hacker

When you find out that your computer is infected, a question automatically pops into your mind: how did this happen? First you think about the recently downloaded or installed files, then about the pages visited, and if no answer

Fatal optimizations

Compilers transform the code we write to make it more efficient; however, there are times when these optimizations can cause security problems. A clear example of this is dead code elimination, an optimization that aims

The idea behind the symbolic execution

Continuing with program analysis techniques, this time we are going to talk about a technique that sits somewhere between static and dynamic techniques: symbolic execution. It is a type of analysis that covers different limitations of

Variadic Vulnerabilities Vanquished via #UseSec17

Researchers at Purdue, Politecnico di Milano and University of California, Irvine presented this summer at USENIX Security a work focused on trying to prevent and eradicate vulnerabilities caused by the abuse of variadic functions. A variadic function is one that