Re: tools for searching potential BO in binary code

[Jeremy Richards <dyngnosis () gmail com>]

I am currently in talks with Security Innovation about doing a product
review on their flagship product called Holodeck Enterpries Edition. 
It is an interesting product that sets up a layer between defined APIs
(your strcpy's, etc) and lets you inject at will...

There is a review of a trial version from a few years ago (though a
bit outdated) here:
http://tejasconsulting.com/open-testware/feature/holodeck-2.0.173.html

Im pretty sure you can still register for a trial but I understand its
limited.  I'll send you an off-list email when my review is complete. 
In anycase it will be posted on http://www.dyngnosis.com

cheers


On 6/19/05, Aviram Jenik <aviram () beyondsecurity com> wrote:
> Hi Jason,
>
> I'm not sure if that's what you meant, but we have a tool called beSTORM that
> finds buffer overflows in closed products (without requiring the source code)
> by testing all possible protocol combinations.
>
> beSTORM is responsible for most of the advisories we've released in the last
> couple of years (http://www.securiteam.com/advisories/) but it has not yet
> been launched 'officially'.
>
> Contact me off list if you would like more info.
>
> Best Regards,
> Aviram Jenik
> Beyond Security
>
> http://www.BeyondSecurity.com
> http://www.SecuriTeam.com
>
> The First Integrated Network and Web Application Vulnerability Scanner:
> http://www.beyondsecurity.com/webscan-wp.pdf
>
>
> On Wednesday 15 June 2005 21:19, Syversen, Jason M (US SSA) wrote:
> > As mentioned below Bugscan was sold to LogicLibrary and is not called
> > LogicScan. They are not selling Icebox as a product but they are selling
> > Inspector, which is kind of an integrator for Ollydbg and IDA Pro with
> > some plugins. Like Bugscan, really not cheap though. Halvar Flake will
> > have something coming out in the September timeframe, see Sabre
> > Security's web site for more information. Many people have home-grown
> > utilities to do this work but don't productize/release it because that's
> > where they get their 0-days from...
> >
> > Anyone else know of binary analysis tools that are out there, open
> > source or commercial?
> >
> > - Jason
> >
> > -----Original Message-----
> > From: Kyle Quest [mailto:Kyle.Quest () networkengines com]
> > Sent: Monday, June 13, 2005 12:15 PM
> > To: vuln-dev () securityfocus com
> > Subject: RE: tools for searching potential BO in binary code
> >
> >
> > It all depends on how much money you are
> > willing to pay. There was something called Bugscan
> > and it was definitely not cheap from what i understand.
> > The program was originally developed
> > by the company called HBGary (the name
> > Greg Hoglund should ring the bell :-] ).
> > It seems like it was spun off into a separate
> > company. At some point Bugscan was acquired
> > by LogicLibrary. I dont know what happened
> > to it after that, but if you look at the HBGary
> > website now, they seem to have some new product
> > that might be useful (check out something called Icebox).
> >
> > Kyle
> >
> > -----Original Message-----
> > From: Nix Yog [mailto:yognix () gmail com]
> > Sent: Wednesday, June 01, 2005 2:22 AM
> > To: vuln-dev () securityfocus com
> > Subject: tools for searching potential BO in binary code
> >
> >
> > hi all,
> > something like bugscam, but more functional?


-- 
~~~~ ~~~~ ~~~~ ~~~~ ~~~~ ~~~~ ~~~~ ~~~~
www.Dyngnosis.com - The Power of Knowledge

[Tutorials] - [Exploits] - [Reviews] - [Forums]
~~~~ ~~~~ ~~~~ ~~~~ ~~~~ ~~~~ ~~~~ ~~~~