..:: Corelan Team | Peter Van Eeckhoutte (corelanc0d3r) ::..

Web Name: ..:: Corelan Team | Peter Van Eeckhoutte (corelanc0d3r) ::..

WebSite: http://www.corelan.be





Corelan Cybersecurity Research

:: Knowledge is not an object, it's a flow ::

Home Articles Free ToolsAD & CSAD Disable UsersCertificate List UtilityPVE Find AD UserExchange Transport AgentsAttachment filterAttachment renameNetworkingCisco switch backup utilityNetwork monitoring with powershellTCP PingSecurity Related Tools SecurityCorelan Team MembersCorelan Team MembershipCorelan Training "Corelan Live…Exploit writing tutorialsMetasploitFTP Client fuzzerHTTP Form field fuzzerSimple FTP Fuzzer – Metasploit…Nessus/Openvas ike-scan wrapperVulnerability Disclosure Policymona.py PyCommand for Immunity DebuggerDownload mona.pyMona.py – documentationCorelan ROPdbMirror for BoB’s Immunity Debugger… Terms of use Donate About…About Corelan TeamAbout meAntivirus/antimalwareCorelan public keysSitemap

Windows 10 egghunter (wow64) and more

Published | By Peter Van Eeckhoutte (corelanc0d3r)

Introduction Ok, I have a confession to make, I have always been somewhat intrigued by egghunters. That doesn’t mean that I like to use (or abuse) an egghunter just because I fancy what it does. In fact, I believe it’s a good practise to try to avoid egghunters if you can, as they tend to […]

Posted in Exploit Writing Tutorials, Exploits | Tagged asm, assembly, corelan-tutorial, egg, egghunter, exception handling, getpc, httpslnkd-indhauzer, nasm, ntaccesscheckandauditalarm, pentester, seh, shellcode, structured exception handler, syscall, tools-mail, w00t, w00tw00t, windows 10, wow64

Windows 10 x86/wow64 Userland heap

Published | By Peter Van Eeckhoutte (corelanc0d3r)

Introduction Hi all, Over the course of the past few weeks ago, I received a number of “emergency” calls from some relatives, asking me to look at their computer because “things were broken”, “things looked different” and “I think my computer got hacked”.  I quickly realized that their computers got upgraded to Windows 10. We […]

Posted in Exploit Writing Tutorials, Windows Internals | Tagged back-end allocator, bea, block, breakpoint, C#, chunk, fea, front-end allocator, heap, heap management, heap spray, lfh, low fragmentation heap, rtlallocateheap, rtlfreeheap, spray, userland, visual studio, windbg, windows 10, wow64, x86

EncFSGui – GUI Wrapper around encfs for OSX

Published | By Peter Van Eeckhoutte (corelanc0d3r)

Introduction 3 weeks ago, I posted a rant about my frustration/concern related with crypto tools, more specifically the lack of tools to implement crypto-based protection for files on OSX, in a point-&-click user-friendly way.  I listed my personal functional and technical criteria for such tools and came to the conclusion that the industry seem to […]

Posted in 001_Security, Crypto, My Free Tools, Scripts | Tagged boxcryptor classic, C#, corelan, cplusplus, crypto, el capitan, encfs, encfs6.xml, encfsctl, encfsgui, encryption, file encryption, folder encryption, github, gui, keychain, mount, osx, osxfuse, umount, volume, wrapper, wxWidgets, yosemite

Crypto in the box, stone age edition

Published | By Peter Van Eeckhoutte (corelanc0d3r)

Introduction First of all, Happy New Year to everyone! I hope 2016 will be a fantastic and healthy year, filled with fun, joy, energy, and lots of pleasant surprises. I remember when all of my data would fit on a single floppy disk. 10 times. The first laptops looked like (and felt like) mainframes on […]

Posted in 001_Security, Crypto | Tagged boxcryptor, container, cryptio-in-box-com, crypto, crypto-in-box-com, cusersadministratordesktopoutlook-test-txt, difference-between-open-whisper-signal-and-encfs, encryption, forum, innovation, pastebin-email-list, signal, stone-age-cipher, truecrypt, UI, url-addressmailbox, usability, veracrypt, whisper systems

How to become a pentester

Published | By Peter Van Eeckhoutte (corelanc0d3r)

Intro I receive a lot of emails.  (Please don’t make it worse, thanks!)   Unfortunately I don’t have as much spare time as I used to, or would like to, so I often have no other choice than to redirect questions to our forums or our IRC channel (#corelan on freenode), hoping that other members […]

Posted in 001_Security, Penetration testing, Web Application Security | Tagged asking questions, carreer, efforts, ethical hacker, free-list-of-email-addresses, goal, how to become, how-do-i-become-a-pentester, httpswww-corelan-beindex-php20151013how-to-become-a-pentester, httpswww-corelan-beindex-php20151013how-to-become-a-pentesterutm_contentbufferc2731, industry, infosec, internship, junior, penetration tester, pentester, security assessment, security audit, vulnerability assessment, where to start

Analyzing heap objects with mona.py

Published | By Peter Van Eeckhoutte (corelanc0d3r)

Introduction Hi all, While preparing for my Advanced exploit dev course at Derbycon, I’ve been playing with heap allocation primitives in IE.  One of the things that causes some frustration (or, at least, tends to slow me down during the research) is the ability to quickly identify objects that may be useful. After all, I’m […]

Posted in Exploit Writing Tutorials, Exploits, mona | Tagged 15-20211, 178-79-152-9, anything, bit-ly, breakpoint, dumplog, dumpobj, facebook-extract-email-addresses-software, gem-install-linkedin-scraper, log, mona-py-exploit-2014, mona-py-only-win32, mona.py, pykd-find-pointers, rtlallocateheap, rtlfreeheap, suricara-git-ids-ips, ttpwww-wintrusts-com, windbg, windbg-dump-heap-objects

CSO : Common Sense Operator/Operations

Published | By Peter Van Eeckhoutte (corelanc0d3r)

As the CSO/CISO/person responsible for Information Security, your job is to…  well … do you even know?  Does upper management know?  “Our crappy CSO …” and “Our stupid CSO …” are statements commonly used by various (techie) people, throwing their hands up in despair, attempting to prove that their CSO doesn’t understand technology and has […]

Posted in CSO | Tagged 178-79-152-9, attitude, bcp, business continiuty, ciso, coleran-team, common sense, corelan, cso, defense, disaster recovery, drp, emet, experience, mona-download, positive, priorities, protection, sla, user awareness

HITB2014AMS – Day 2 – On Her Majesty’s Secret Service: GRX & A Spy Agency

Published | By Peter Van Eeckhoutte (corelanc0d3r)

Last year, Belgacom got hacked by an intelligence service (GCHQ?), Rob says. “What is so interesting about this hack, why did they hack into Belgacom, what would or could be the purpose of a similar hack?”  Before answering those questions, we need to take a quick look on how mobile networks work and how mobile […]

Posted in Cons and Seminars | Tagged amazon, Belgacom, BICS, corelan-be-grx, GCHQ, gprs, GPRS roaming exchange, grx-and-spy-agency, GTP, hitb2014ams, httpswww-corelan-beindex-php20140530hitb2014ams-day-2-on-her-majestys-secret-service-grx-a-spy-agency, KPN, mobile-grx-network-hack, openggsn-hack, rob kuiters, SCTP, stephen kho, szpy-kpnm

HITB2014AMS – Day 2 – Exploring and Exploiting iOS Web Browsers

Published | By Peter Van Eeckhoutte (corelanc0d3r)

iOS Browsers & UIWebview iOS is very popular (according to StatCounter, it’s the 3rd most popular platform used).  Mobile browsers take about 20% to 25% of the market share. iOS offers integration with desktop browsers and cloud (so the same data is available to an attacker).  Many 3rd party IOS browsers have similar weaknesses which […]

Posted in Cons and Seminars | Tagged ABS, Address Bar Spoofing, apple, chrome, exploit, f-secure-browser-ios, google, hitb2014ams, ios, iosweb, javascript, Mercury, mobile safari, post-a-commentiphone-app-allow-html-tag, same-origin policy, sop, UXSS, web browser, webkit, Yandex

HITB2014AMS – Day 2 – Keynote 4: Hack It Forward

Published | By Peter Van Eeckhoutte (corelanc0d3r)

Good morning Amsterdam, good morning readers, welcome to the second day of the Hack In The Box conference. The speaker for the first keynote didn’t show up,  so we’ll jump right into the next keynote. Jennifer starts her keynote by explaining that she’s fortunate to be able to travel to a lot of conferences and […]

Posted in Cons and Seminars | Tagged amazon, corelan, corelan team, corelan-be, corelean, corelean-team, depalsr, download-mona, easy-rm-exploit-tutorial, exploit-writing-in-c, hitb2014ams, httpswww-corelan-be, IOActive, Jennifer Steffens, jennifer-steffens-ioactive, keynote, mona-download, motivation, nlp-secrets-index-ofebooks, win10-ldrpchecknxcompatibility Page 1 of 2412345...1020...»Last »

Corelan Training

We have been teaching our win32 exploit dev classes at various security cons and private companies & organizations since 2011

Check out our schedules page here and sign up for one of our classes now!


Want to support the Corelan Team community ? Click here to go to our donations page.

Want to donate BTC to Corelan Team?

Your donation will help funding server hosting.

Corelan Team Merchandise

You can support Corelan Team by donating or purchasing items from the official Corelan Team merchandising store.

Corelan on Slack

You can chat with us and our friends on our Slack workspace:

Go to our facebook pageBrowse through the posts and find the invite to SlackUse the invite to access our Slack workspace


Log inEntries feedComments feedWordPress.org


Copyright Peter Van Eeckhoutte © 2007 - 2022 | All Rights Reserved | Terms of use

Hi there!

Do you like our free content? Enjoying the materials we put together?

Are you interested in learning how to write exploits for Windows, but perhaps looking for updated materials?

Are you struggling to fully grasp the concepts based on what you find online? Would you perhaps prefer to learn in a classroom setting instead?

We have good news for you!

Did you know that we travel to strategic places around the world, to teach our world-renowned exploit development classes.

In order to preserve and ensure a top-quality learning experience, all of our classes are delivered in-person. (Corona-proof, of course!)

We currently offer 2 classes:

Our “Bootcamp” classes covers the basics of exploit development for Windows 10.

The “Advanced” class covers heap exploitation for Windows 7 & Windows 10.

Both classes contain a short introduction on x64 exploitation!

You can find our schedules here: https://www.corelan-training.com/index.php/training-schedules .

>>> Our classes tend to sell out fast, so sign up today and secure your seat in one of our classes !! <<<

And if you’re not sure – feel free to check what our students have to say about our classes.


We are using cookies to give you the best experience on our website.

You can find out more about which cookies we are using or switch them off in settings.

Privacy Overview

a. Corelan respects your privacy. Most information accessible on or via the
Corelan Website is available without the need to provide personal information.
In certain cases you may however be requested to submit personal information. In
such case your personal information shall be treated in accordance with the General Data Protection Regulation and any amendments hereof.

b. All personal information made available by you will be treated solely for
the purpose of making available to you the requested information or services.
Your personal information will not be shared with third parties, but it may be used for authentication, support & marketing purposes in relation with services provided by Corelan.

c. We will only keep your personal information for as long as is required to
provide you with the requested information or services, or for any longer period
as may legally be required.

d. It is our goal to reasonably protect the personal information made
available by you from third parties.

e. You have the right to consult, correct, adjust or have removed your
personal details by written request to Corelan.  If you decide to get your information removed, you understand and accept that you will lose all access to any resources that require the use of these personal details, such as parts of the website that require authentication.

f. When using the Corelan Website, cookies may possible be used. You do not have to accept cookies to be able to use the publicly accessible parts of Corelan Websites. If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices.   Cookies may be used to display advertisements or to collect statistics about the use of the Corelan website.

g. This privacy policy may be amended by Corelan at any time.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.

Cookie Policy

When using the Corelan Website, cookies may possible be used. You do not have to accept cookies to be able to use the publicly accessible parts of the Corelan Website. If you have an account and you log in to this site, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser. When you log in, we will also set up several cookies to save your login information and your screen display choices.

We may use third party cookies to show ads and to collect anonymous information such as the number of visitors to the site, and the most popular pages.  The ability to show ads is an important source of income to cover the hosting fees to keep this website alive. If you prevent ads from being displayed, this website will eventually disappear.

TAGS:Peter Team Corelan corelanc0d3r

<<< Thank you for your visit >>>

Websites to related :
Sundhedsteamet Kurser og Projekt


Aquateam COWI AS &#8211; Et fors

  Gå til innholdMenyForskningsområderForskereArtiklerPOLNOR-prosjekterKontaktENPL

Smile Team Turkey | Premium Dent

   Skip to content smileteamturkey smileteamturkey Message on WhatApp TreatmentsDental ImplantsDental CrownsLaminate VeneersV


  超棒 4.6 满分5星买方保护计划当您在DAN.COM购买域名时,您会自动进入我们的买家保护计划。关于我们如何确保您的安全性的详情,请查看信任与安全页面。除了我们安全

Newes – Full steam ahead!

  Ga naar de inhoudLinkedinEnvelope+31 74 8515555info@newes.nla.glink img {margin-right:2px;}#goog-gt-tt{display:none!important;}.goog-te-banner-frame{d

Unitz1 &#8211; Apparel for busin

  HomeStoresHow it WorksDesignDecorateStoresFAQsAboutIn-House DesignPersonal TouchFundraisersThousands of ProductsContact Have a store code? Click her

KEYSTEAM - Кейсы с игр


Hockey Golf Bags | NHL Team Golf

  "); } else { win._boomrl = function() { bootstrap(); }; if (win.addEventListener) { win.addEventListener("load", win._

Peter Lik Fine Art Photography f

  "); } else { win._boomrl = function() { bootstrap(); }; if (win.addEventListener) { win.addEventListener("load", win._

Team Valor International | Prove

  Welcome Team Getting Started News Videos Statistics Famous Horses Contact Us


Hot Websites