|
EN | PL |
[ Services ] [ Blog ] [ Publications ] [ About ]    |
|
In addition to offering penetration testing services members of Z-Labs are commited to conduct independent security research and development to constanly improve its R&D capabilities |
[ Security Advisories ] In addition to discovering security issues and design flaws in properitary software for our clients, Z-Labs occasionally conducts its own vulnerability research on chosen open source software and performs other security research related activities. :: Discovery of CVE-2017-17858 vulnerability - multiple memory corruptions during pdf processing Software affected: MuPDF (ver. 1.12.0) :: Discovery of CVE-2015-3146 vulnerability - DoS condition (server-side NULL pointer dereference) Software affected: libssh (ver. < 0.6.5) :: Discovery of CVE-2015-1782 vulnerability - remote out-of-bounds memory read Software affected: libssh2 (ver. <= 1.4.3) [ Tools ] At Z-Labs a lot of code is written: PoC exploits, specialized fuzzers and other custom-written software. We release some of them to share with the security community. :: linux-exploit-suggester - Linux privilege escalation auditing tool Written to aid a security analyst in uncovering known and exploitable vulnerabilities in Linux kernel. :: Nmap contributions Scripts and patches contributed by us to Nmap network scanner. [ Whitepapers / Guidelines ] Collection of published whitepapers and guides. :: Z Field Manual - penetration tester's field guide Link: Z Field Manual :: OPSEC for Penetration Testers and Red Team Operators Comming soon. |
copyright (c) 2018-2022 Z-Labs