Open Source Projects, Books, Exploits, Proof-Of-Concepts and Other Research Materials

I have developed many open source projects since I started coding, I have also discovered and exploited a number of vulnerabilities, and I have written a book about reverse engineering, vulnerability research and exploitation. Below is a non-exhaustive list of some of the open source projects, research materials, exploits and proof-of-concepts I have written:

Pigaios (Coming soon)

Pigaios (πηγαίος, Greek for ‘source’ as in ‘source code’) is a tool to directly diff C source codes against binaries using IDA. It will be released on October 12th during the Hacktivity conference.

Diaphora

Diaphora (διαφορά, Greek for ‘difference’) is a program diffing plugin for IDA Pro and Radare2, similar to Zynamics Bindiff or the FOSS counterparts DarunGrim, TurboDiff, etc… It was released during SyScan 2015.

Book: The Antivirus Hackers Handbook

Book co-authored with Elias Bachaalany about how to reverse engineer, analyse, bypass, interface with, find vulnerabilities in and exploit antivirus software.

MemBugTool

MemBugTool (call me original) is a DBI (dynamic binary instrumentation) tool to discover heap-memory-related bugs.

MalTindex

A tool for indexing binaries using graph-based techniques to help attribute malware campaigns.

Cosa Nostra

A graph-based malware clustering toolkit.

Nightmare

A distributed fuzz-testing suite with web administration. It was released at the T2 conference (Finland) around October 23, 2014.

MultiAV

Multi-antivirus scanner library for Python with JSON API.

Pyew

Pyew is a command-line Python tool to analyse malware.

DeepToad

A Python library and tool to cluster similar files using fuzzy hashing techniques.

ZeroWine

Zero Wine is a malware behavior analysis tool.

Oracle TNS Poison

Documentation for my Oracle TNS Poison (CVE-2012-1675) vulnerability and exploit for Oracle 9i, 10g and 11i.

Inguma

Inguma is a free penetration testing and vulnerability discovery toolkit entirely written in Python. The framework includes modules to discover hosts, gather information about them, fuzz targets, brute-force usernames and passwords, run exploits, etc.

Kojoney

Kojoney is an easy-to-use, secure, robust and powerful honeypot for the SSH service, written in Python.

Nemesis Pascal

A framework to develop Pascal applications. It included an Integrated Development Environment for Rapid Application Development (RAD), a virtual machine, web services, Pascal Server Pages (PSP) and many other tools.

Latest Blog Entries

Automated or manual attack?

Today I received a notification about an automated attack against this blog. Nothing new, however,...


Zerowine 2.0 preview

Hi! I plan to release in a month or so the newest version of ZeroWine...


Conferences

| Conference | Year | Language(s) | Talk | Materials |
|---|---|---|---|---|
| Hacktivity | Coming soon! | EN | Pigaios: Diffing C source codes against binaries | Coming soon! |
| EuskalHack | 2018 | EN | Using Binary Instrumentation for Vulnerability Discovery (Or even mitigation!) | |
| EuskalHack | 2017 | EN | Call Graph Agnostic Malware Indexing | |
| Hack & Beers Bilbao | 2017 | ES/EN | Cosa Nostra: A Graph Based Malware Clustering Toolkit | YouTube (Spanish) |
| SyScan360 | 2017 | EN | Cosa Nostra: A Graph Based Malware Clustering Toolkit | |
| EuskalHack | 2016 | ES | La gran mentira: Seguridad como producto (The Big Lie: Security as a Product) | |
| Hack & Beers Bilbao | 2016 | EU | AV: Additional Vulnerabilities | |
| Hack & Beers Donostia | 2015 | EU | Malware-multzokatze Teknikak (Malware Clustering Techniques) | |
| BSides Lisbon | 2015 | EN | Diaphora, reviving binary diffing | |
| T2.FI | 2014 | EN | Blind Code Coverage Fuzzing | |
| 44CON | 2014 | EN | Breaking AV Software | |
| KiwiCON | 2014 | EN | Breaking AV Software | |
| SyScan360 | 2014 | EN | Breaking AV Software | |
| WhiskeyCON | 2014 | EN | Diaphora: Upcoming Features | YouTube |
| SyScan | 2014 | EN | Breaking AV Software | SlideShare, PDF, YouTube |
| RootedCON | 2013 | EN/ES | Interactive Static Analysis Tools for Vulnerability Discovery | SlideShare, YouTube (Spanish) |
| RootedCON | 2011 | EN | Databases Security Paradise | SlideShare, PDF |
| RootedCON | 2010 | EN | Hackproofing Oracle Financials | SlideShare, LibreOffice Impress |

Public Key


Public Photographs

All of my public photographs are licensed under the Creative Commons Attribution-ShareAlike license and can be found on Flickr or 500px.
