GoSecure Blog

Sebastian Feldmann


Recent Posts

Fuzzing Closed Source PDF Viewers

This blog post covers typical problems that arise when fuzzing closed-source PDF viewers and possible approaches to them. It focuses on two of these problems: input minimization and non-terminating programs.

The approaches were found and implemented as part of my master's thesis, which I wrote at TU Darmstadt, Germany, in cooperation with Fraunhofer SIT.


Topics: windows, binary analysis, dynamic analysis, fuzzing, pdf

Chaos: a Stolen Backdoor Rising Again

This post describes a backdoor, found in our SSH honeypot and presented at GoSec 2017 in Montreal, that spawns a fully encrypted and integrity-checked reverse shell. We named the backdoor 'Chaos', following the name the attacker gave it on the system. After more research, we found that this backdoor was originally part of the 'sebd' rootkit that was active around 2013.


Topics: malware, botnet
