Denis Makrushin
  • Blog
  • Research
Denis Makrushin
  • About
Blog

Старт курса “Основы безопасности приложений” в НИЯУ МИФИ

by Denis Makrushin September 2, 2022
written by Denis Makrushin

September 2, 2022 0 comment
FacebookTwitterPinterestLinkedinRedditTelegramEmail
Blog

Contribution to Linux kernel: patch to fix fuzzing process with nyx-fuzz and VMware

by Denis Makrushin February 12, 2022
written by Denis Makrushin

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.16.5

With the latest Linux kernel, the fuzzing process will be easier not only for our team. Thanks to Denis Valeev, who discovered, prepared, and contributed the patch to kernel v.5.16.5.

The discovered bug breaks nyx-fuzz (also included in AFL++ code base) that uses VMware backdoor as an alternative way for hypercall from guest user-mode. With this bug, a hypercall is interpreted as a GP and leads to process termination. Bug occurs on GP triggered by VMware backdoor when eax value is unaligned. eax alignment check should not be applied to non-SVM instructions because it leads to incorrect omission of the instructions emulation. The solution is to apply alignment check only to SVM instructions.

February 12, 2022 0 comment
FacebookTwitterPinterestLinkedinRedditTelegramEmail
Research

Attack Surface Analysis and Monitoring using Open-Source Intelligence

by Denis Makrushin February 7, 2022
written by Denis Makrushin

The paper introduces the case study for attack surface analysis and monitoring with practical application of open-source intelligence (OSINT) methods. The case is based on the perimeters of healthcare organizations and aims to introduce the threat landscape of healthcare industry as well as methods to collect information about entry points and assets on network perimeter. Techniques and tools in this paper are not limited by organization type and can be applied for different network assets to prepare initial information during first stage of penetration testing and red team operations.

Continue Reading
February 7, 2022 0 comment
FacebookTwitterPinterestLinkedinRedditTelegramEmail
Load More Posts

Join Telegram Channel

  • Twitter
  • Instagram
  • Linkedin
  • Email
  • Vk
  • Telegram

@ 2009. Denis Makrushin


Back To Top
Denis Makrushin
  • Blog
  • Research
Denis Makrushin
  • About