Vulnerabilities – S3lab http://s3lab.deusto.es S3lab Security Blog Wed, 06 May 2020 12:51:35 +0000 en-US hourly 1 https://wordpress.org/?v=5.1.5 Explaining the basics of fuzzing http://s3lab.deusto.es/basics-fuzzing/ Sat, 09 Sep 2017 00:54:15 +0000 http://s3lab.deusto.es/?p=9327 In the field of program analysis, different techniques are used, usually divided into two groups: static and dynamic. Fuzzing is a dynamic technique used extensively (especially in recent years) to discover bugs in software that, with a little (bad) luck,

Read more ›

The post Explaining the basics of fuzzing appeared first on S3lab.

]]> In the field of program analysis, different techniques are used, usually divided into two groups: static and dynamic. Fuzzing is a dynamic technique used extensively (especially in recent years) to discover bugs in software that, with a little (bad) luck, could lead to security vulnerabilities. The main idea behind fuzzing is to provide invalid or malformed data as input to a system in order to trigger unexpected behavior such as a crash.

The post Explaining the basics of fuzzing appeared first on S3lab.

]]> Honeypots, attracting hackers with vulnerabilities http://s3lab.deusto.es/honeypots-hackers-vulnerabilities/ Tue, 10 Nov 2015 10:57:29 +0000 http://s3lab.deusto.es/?p=4370 There is very useful technique to know who wants to enter your network and which are his intentions. Simply leave a pot of vulnerabilities in the middle of the woods and wait for the bees to approach. Most times they

Read more ›

The post Honeypots, attracting hackers with vulnerabilities appeared first on S3lab.

]]> There is very useful technique to know who wants to enter your network and which are his intentions. Simply leave a pot of vulnerabilities in the middle of the woods and wait for the bees to approach. Most times they are automated systems or script kiddies

The post Honeypots, attracting hackers with vulnerabilities appeared first on S3lab.

]]> Looking for security holes in my webs http://s3lab.deusto.es/looking-for-security-holes-my-webs/ Wed, 04 Nov 2015 13:52:24 +0000 http://s3lab.deusto.es/?p=4476 Today we will play with a web vulnerabilities  search tool with which we can check  very easily the safety of our web applications. The tool in question is Vega, an Open Source platform web auditing can help us identify and

Read more ›

The post Looking for security holes in my webs appeared first on S3lab.

]]> Today we will play with a web vulnerabilities  search tool with which we can check  very easily the safety of our web applications. The tool in question is Vega, an Open Source platform web auditing can help us identify and mitigate security holes exploited widely.

The post Looking for security holes in my webs appeared first on S3lab.

]]> The marketing behind zero-day vulnerabilities http://s3lab.deusto.es/marketing-zero-day-vulnerabilities/ Tue, 24 Mar 2015 11:03:55 +0000 http://s3lab.deusto.es/?p=3531 In recent times, the landscape of zero-day vulnerabilities has been modified by a curious phenomenon, the marketing. And I am not referring to the technique used by hackers and security researchers to sell them, but to the system used for

Read more ›

The post The marketing behind zero-day vulnerabilities appeared first on S3lab.

]]> In recent times, the landscape of zero-day vulnerabilities has been modified by a curious phenomenon, the marketing. And I am not referring to the technique used by hackers and security researchers to sell them, but to the system used for public disclosure (both specialized and general).

The post The marketing behind zero-day vulnerabilities appeared first on S3lab.

]]>