|
|
| [ Home ] [ Services ] [ Blog ] [ Publications ] [ About ] |
|
In addition to offering penetration testing services members of Z-Labs are commited to conduct independent security research and development to constanly improve its R&D capabilities |
|
.:: Vulnerability Research ::. In addition to discovering security issues and design flaws in properitary software for our clients, Z-Labs occasionally conducts its own vulnerability research on chosen open source software and performs other security research related activities. :: Discovery of CVE-2017-17858 vulnerability - multiple memory corruptions during pdf processing Software affected: MuPDF (ver. 1.12.0) :: Discovery of CVE-2015-3146 vulnerability - DoS condition (server-side NULL pointer dereference) Software affected: libssh (ver. < 0.6.5) :: Discovery of CVE-2015-1782 vulnerability - remote out-of-bounds memory read Software affected: libssh2 (ver. <= 1.4.3) :: Security challenges and CTF-like competitions writeups To constantly improve in the art of vulnerability discovery and to stay sharp with latest exploitation techniques we solve them a lot. We publish our solutions of selected problems at github. :................................................. .:: Security tools & Exploits ::. At Z-Labs a lot of code is written: PoC exploits, custom fuzzers and other custom-written scripts. We release some of them to share with the community. :: linux-exploit-suggester - Linux privilege escalation auditing tool Written to aid a security analyst in uncovering known and exploitable vulnerabilities in Linux kernel. :: Exploits ported to Nmap Lua scripts contributed by us to Nmap network scanner. :................................................. .:: Whitepapers ::. Ops-Sec for Penetration Testers and Red Teamers - comming soon. |
copyright (c) 2005-2019 Mariusz Ziulek