TippingPoint Digital Vaccine Laboratories
DID YOU KNOW... The DVLabs research team discovered 10 unique Adobe Shockwave vulnerabilities during October and November of 2010.

Pwn2Own 2009

TippingPoint's Zero Day Initiative (ZDI) team is pleased to announce that we will once again be sponsoring this year’s Pwn2Own contest for the 3rd year running. The contest will be held during the CanSecWest Security Conference March 16-20th in Vancouver, BC. If you’re unfamiliar with the Pwn2Own contest, check out the rules and ...

BlackHat Federal 09: Day Two

The second day of talks and last day of the BlackHat Federal 2009 conference just wrapped up and before I head out for an evening on the town, let me share some notes on the talks I caught today.

BlackHat Federal 09: Day One

Fresh off of two days of teaching a reverse engineering class, it's my turn to take a seat in the audience and check out some new research from various parts of the globe. There are two simultaneous tracks running at this show, here are the talks I got to catch.

What Security Are You Talkin 'Bout Willis?

Way back at Defcon 10, GOBBLES security had a presentation named "Wolves Among Us" that was basically them taking shots at anyone and everyone they could think of. At one point the target of their ridicule were the developers of OpenSSH, for the vulnerability publicly released earlier that summer. At that point during the presentation ...

Python Interfacing a USB Missile Launcher

I watch Woot on pretty much a daily basis and as a result I frequently end up purchasing toys that I really don't need. Most recently I picked up a silly pair of USB Missile Launchers. I finally found some free time yesterday to open up the package and plug them in. The toys lost their allure within minutes of harassing my team with a barrage of soft missile shots. That same night I thought I would be able to extend the fun factor by coding up a programmatic interface to the launchers in Python. This blog is about that process.

MindshaRE: Command Line Binary Analysis

I spend a lot of time in the Windows environment. This wasn't always the case, so I try every chance I can, to drop back into a UNIX shell and use commands that do one thing very well. It's my belief that these commands, when chained together, can be very powerful, even when reverse engineering. So I developed a novel approach to binary analysis on the UNIX command line (Cygwin included).MindshaRE is our weekly look at some simple reverse engineering tips and tricks. The goal is to keep ...

MindshaRE: OpenRCE.org

Reverse engineering is a vast and ever-growing discipline. No one can understand every aspect, and thats why we rely on a strong community to pose questions to, and learn from the work of others. I am going to use todays MindshaRE to point the reader towards one of the more popular reverse engineering communites at openrce.orgMindshaRE is our weekly look at some simple reverse engineering tips and tric ...