Pedram Amini
Manager, Security Research
http://pedram.openrce.orgPedram Amini leads the security research group at TippingPoint. His group is responsible for auditing software, reverse engineering patches, and developing tools to automate these tasks. Previous to TippingPoint, Pedram was the assistant director and one of the founding members of iDEFENSE Labs. Despite the fancy titles he spends much of his time in the shoes of a reverse engineer- developing automation tools, plug-ins and scripts. His most recent projects (aka "babies") include the PaiMei reverse engineering framework and the Sulley fuzzing framework.
In conjunction with his passion for the field, he launched OpenRCE.org, a community website dedicated to the art and science of reverse engineering. He has previously presented at RECON, ShmooCon, BlackHat, DefCon, ToorCon, and taught numerous reverse engineering courses. Pedram holds a computer science degree from Tulane University and is the co-author of the book Fuzzing: Brute Force Vulnerability Discovery.
- Published Advisories:
- TPTI-07-19: CA Multiple Product DBASVR RPC Server Pointer Arithmetic Vulnerablities
- TPTI-07-14: HP OpenView Multiple Product Shared Trace Service Stack Overflow Vulnerabilities
- TPTI-07-09: Macrovision FLEXnet boisweb.dll ActiveX Control Buffer Overflow Vulnerability
- TPTI-07-06: Trillian Pro Rendezvous XMPP HTML Decoding Heap Corruption Vulnerability
- TPTI-07-01: Trend Micro ServerProtect StCommon.dll Stack Overflow Vulnerabilities
- TPTI-07-02: Trend Micro ServerProtect eng50.dll Stack Overflow Vulnerabilities
- TPTI-06-13: HP OpenView Client Configuration Manager Device Code Execution Vulnerability
- TPTI-06-11: CA Multiple Product DBASVR RPC Server Multiple Buffer Overflow Vulnerabilities
- TPTI-06-12: CA BrightStor Discovery Service Mailslot Buffer Overflow Vulnerability
- TPTI-06-07: eIQnetworks Enterprise Security Analyzer Monitoring Agent Buffer Overflow Vulnerabilities
- TPTI-06-10: Microsoft HLINK.DLL Hyperlink Object Library Buffer Overflow Vulnerability
- TPTI-06-02: Microsoft SRV.SYS Mailslot Ring0 Memory Corruption Vulnerability
- Upcoming Advisories:
- Hewlett-Packard (999 days since report)
- Appearances:
- Upcoming: Reverse Engineering on Windows: Application in Malicious Code Analysis
2009-07-25 Black Hat USA 2009 Training- Upcoming: Reverse Engineering on Windows: Application in Malicious Code Analysis
- Reverse Engineering on Windows: Application in Malicious Code Analysis
2009-04-15 Black Hat Europe 2009 Training- Reverse Engineering on Windows: Application in Malicious Code Analysis
- Reverse Engineering on Windows: Application in Malicious Code Analysis
2009-02-16 Black Hat Federal 2009 Training- Reverse Engineering on Windows: Application in Malicious Code Analysis
- Reverse Engineering on Windows: Application in Malicious Code Analysis
2008-08-02 Black Hat USA 2008 Training- Reverse Engineering on Windows: Application in Malicious Code Analysis
- Arms Race: Next-Gen Vulnerability Discovery
2008-06-02 Techno Security Conference- Arms Race: Next-Gen Vulnerability Discovery
- Reverse Engineering on Windows: Application in Malicious Code Analysis
2008-03-25 Black Hat Europe 2008 Training- Reverse Engineering on Windows: Application in Malicious Code Analysis
- Advanced Fuzzing with Sulley
2007-10-25 BlackHat Japan- Advanced Fuzzing with Sulley
- Reverse Engineering on Windows
2007-10-23 BlackHat Japan- Reverse Engineering on Windows
- Fuzzing Sucks!
2007-09-27 Microsoft BlueHat- Fuzzing Sucks!
- Fuzzing Sucks!
2007-08-02 BlackHat US- Fuzzing Sucks!
- Reverse Engineering on Windows
2007-07-28 Black Hat US- Reverse Engineering on Windows
- Reverse Engineering on Windows
2007-02-26 Black Hat Federal- Reverse Engineering on Windows
- Reverse Engineering on Windows
2006-08-01 Black Hat US- Reverse Engineering on Windows
- PaiMei - Reverse Engineering Framework
2006-06-18 RECON- PaiMei - Reverse Engineering Framework
- Reverse Engineering for Fun and BoF it!
2006-01-13 ShmooCon- Reverse Engineering for Fun and BoF it!
- Process Stalking - Run Time Visual RCE
2005-09-17 ToorCon- Process Stalking - Run Time Visual RCE
- Blog Entries
- Authoring a Technical Book
created 2009-06-03 (2 comments, 1147 views)- Authoring a Technical Book
- Reverse Engineering iPhone AppStore Binaries
created 2009-03-06 (2 comments, 3913 views)- Reverse Engineering iPhone AppStore Binaries
- BlackHat Federal 09: Day Two
created 2009-02-19 (2 comments, 2638 views)- BlackHat Federal 09: Day Two
- BlackHat Federal 09: Day One
created 2009-02-18 (1 comments, 2597 views)- BlackHat Federal 09: Day One
- Python Interfacing a USB Missile Launcher
created 2009-02-12 (19 comments, 34452 views)- Python Interfacing a USB Missile Launcher
- Cellular Interference
created 2008-06-30 (7 comments, 3598 views)- Cellular Interference
- RECON 08 Day 3
created 2008-06-16 (0 comments, 3176 views)- RECON 08 Day 3
- RECON 08 Day 2
created 2008-06-14 (4 comments, 3280 views)- RECON 08 Day 2
- RECON 08 Day 1
created 2008-06-13 (0 comments, 3344 views)- RECON 08 Day 1
- Kraken Botnet Infiltration
created 2008-04-28 (54 comments, 18085 views)- Kraken Botnet Infiltration
- Hello from Black Hat Europe
created 2008-03-27 (0 comments, 4394 views)- Hello from Black Hat Europe
- Back From BlueHat
created 2007-10-01 (0 comments, 7901 views)- Back From BlueHat
- Greatest Book Dedication Ever?
created 2007-07-09 (1 comments, 5296 views)- Greatest Book Dedication Ever?
- Pin Pointing Stack Smashes
created 2007-05-02 (3 comments, 4832 views)- Pin Pointing Stack Smashes
