The following links are some of my past information security research. Not all.

Presentations:



  • Hack in The Box Amsterdam 2012 - Ghost in the allocator

    Here I demonstrated a new technique/variation for exploitation against the Windows 7 heap manager that abuses the allocation offset mechanism. Additionally, I also presented a likely attack technique against the consumer preview version of the Windows 8 heap manager.


  • Ruxcon 2012 - How to catch a chameleon

    Was about the introduction of a plugin for Immunity Debugger that I developed called ‘heaper’ that is designed to not only detect a corrupted heap state before out-of-bounds memory access, but was also designed to detect exploitable conditions in past Windows operating systems.