Re: tools for searching potential BO in binary code

From: Aviram Jenik (aviram_at_beyondsecurity.com)
Date: 06/19/05

  • Next message: RaMatkal_at_hotmail.com: "exploiting/debuggin SetUnhandledException filter"
    To: "Syversen, Jason M (US SSA)" <jason.syversen@baesystems.com>
    Date: Sun, 19 Jun 2005 13:45:55 +0300
    
    

    Hi Jason,

    I'm not sure if that's what you meant, but we have a tool called beSTORM that
    finds buffer overflows in closed products (without requiring the source code)
    by testing all possible protocol combinations.

    beSTORM is responsible for most of the advisories we've released in the last
    couple of years (http://www.securiteam.com/advisories/) but it has not yet
    been launched 'officially'.

    Contact me off list if you would like more info.

    Best Regards,
    Aviram Jenik
    Beyond Security

    http://www.BeyondSecurity.com
    http://www.SecuriTeam.com

    The First Integrated Network and Web Application Vulnerability Scanner:
    http://www.beyondsecurity.com/webscan-wp.pdf

    On Wednesday 15 June 2005 21:19, Syversen, Jason M (US SSA) wrote:
    > As mentioned below Bugscan was sold to LogicLibrary and is not called
    > LogicScan. They are not selling Icebox as a product but they are selling
    > Inspector, which is kind of an integrator for Ollydbg and IDA Pro with
    > some plugins. Like Bugscan, really not cheap though. Halvar Flake will
    > have something coming out in the September timeframe, see Sabre
    > Security's web site for more information. Many people have home-grown
    > utilities to do this work but don't productize/release it because that's
    > where they get their 0-days from...
    >
    > Anyone else know of binary analysis tools that are out there, open
    > source or commercial?
    >
    > - Jason
    >
    > -----Original Message-----
    > From: Kyle Quest [mailto:Kyle.Quest@networkengines.com]
    > Sent: Monday, June 13, 2005 12:15 PM
    > To: vuln-dev@securityfocus.com
    > Subject: RE: tools for searching potential BO in binary code
    >
    >
    > It all depends on how much money you are
    > willing to pay. There was something called Bugscan
    > and it was definitely not cheap from what i understand.
    > The program was originally developed
    > by the company called HBGary (the name
    > Greg Hoglund should ring the bell :-] ).
    > It seems like it was spun off into a separate
    > company. At some point Bugscan was acquired
    > by LogicLibrary. I dont know what happened
    > to it after that, but if you look at the HBGary
    > website now, they seem to have some new product
    > that might be useful (check out something called Icebox).
    >
    > Kyle
    >
    > -----Original Message-----
    > From: Nix Yog [mailto:yognix@gmail.com]
    > Sent: Wednesday, June 01, 2005 2:22 AM
    > To: vuln-dev@securityfocus.com
    > Subject: tools for searching potential BO in binary code
    >
    >
    > hi all,
    > something like bugscam, but more functional?


  • Next message: RaMatkal_at_hotmail.com: "exploiting/debuggin SetUnhandledException filter"