TippingPoint Digital Vaccine Laboratories

Pedram Amini

Pedram Amini's Image

Manager, Security Research

http://pedram.openrce.org

Pedram Amini leads the security research group at TippingPoint. His group is responsible for auditing software, reverse engineering patches, and developing tools to automate these tasks. Previous to TippingPoint, Pedram was the assistant director and one of the founding members of iDEFENSE Labs. Despite the fancy titles he spends much of his time in the shoes of a reverse engineer- developing automation tools, plug-ins and scripts. His most recent projects (aka "babies") include the PaiMei reverse engineering framework and the Sulley fuzzing framework.

In conjunction with his passion for the field, he launched OpenRCE.org, a community website dedicated to the art and science of reverse engineering. He has previously presented at RECON, ShmooCon, BlackHat, DefCon, ToorCon, and taught numerous reverse engineering courses. Pedram holds a computer science degree from Tulane University and is the co-author of the book Fuzzing: Brute Force Vulnerability Discovery.

Published Advisories:
  • TPTI-07-19: CA Multiple Product DBASVR RPC Server Pointer Arithmetic Vulnerablities
  • TPTI-07-14: HP OpenView Multiple Product Shared Trace Service Stack Overflow Vulnerabilities
  • TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability
  • TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption Vulnerability
  • TPTI-07-01: Trend Micro ServerProtect StCommon.dll Stack Overflow Vulnerabilities
  • TPTI-07-02: Trend Micro ServerProtect eng50.dll Stack Overflow Vulnerabilities
  • TPTI-06-13: HP OpenView Client Configuration Manager Device Code Execution Vulnerability
  • TPTI-06-11: CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities
  • TPTI-06-12: CA BrightStor Discovery Service Mailslot Buffer Overflow Vulnerability
  • TPTI-06-07: eIQnetworks Enterprise Security Analyzer Monitoring Agent Buffer Overflow Vulnerabilities
  • TPTI-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
  • TPTI-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability
  • Upcoming Advisories:
  • Hewlett-Packard (585 days since report)
  • Appearances:
  • Upcoming: Reverse Engineering on Windows: Application in Malicious Code Analysis
    2008-08-02 Black Hat USA 2008 Training
  • Upcoming: Arms Race: Next-Gen Vulnerability Discovery
    2008-06-02 Techno Security Conference
  • Reverse Engineering on Windows: Application in Malicious Code Analysis
    2008-03-25 Black Hat Europe 2008 Training
  • Advanced Fuzzing with Sulley
    2007-10-25 BlackHat Japan
  • Reverse Engineering on Windows
    2007-10-23 BlackHat Japan
  • Fuzzing Sucks!
    2007-09-27 Microsoft BlueHat
  • Fuzzing Sucks!
    2007-08-02 BlackHat US
  • Reverse Engineering on Windows
    2007-07-28 Black Hat US
  • Reverse Engineering on Windows
    2007-02-26 Black Hat Federal
  • Reverse Engineering on Windows
    2006-08-01 Black Hat US
  • PaiMei - Reverse Engineering Framework
    2006-06-18 RECON
  • Reverse Engineering for Fun and BoF it!
    2006-01-13 ShmooCon
  • Process Stalking - Run Time Visual RCE
    2005-09-17 ToorCon
  • Blog Entries
  • Kraken Botnet Infiltration
    created 2008-04-28 (47 comments, 7890 views)
  • Hello from Black Hat Europe
    created 2008-03-27 (0 comments, 1717 views)
  • Back From BlueHat
    created 2007-10-01 (0 comments, 3747 views)
  • Greatest Book Dedication Ever?
    created 2007-07-09 (1 comments, 2202 views)
  • Pin Pointing Stack Smashes
    created 2007-05-02 (3 comments, 3000 views)