Research Projects

Rootkit Profiler - RKProfiler is an advanced kernel rootkit detection toolkit.

Advanced Exploiting - This project deals with different aspects of software vulnerabilities and their exploitation. I'm currently focusing on advanced exploitation techniques for remote memory corruption vulnerabilities in network services that are deployed in (highly secured) enterprise environments. If you are interested in this subject, have a look here.

VMMs - A virtual machine monitor (VMM) is a piece of software that allows multiple operating systems to run concurrently, in so-called virtual machines (VMs), on a single hardware platform. To do this, the VMM creates efficient, isolated environments. An example of a VMM is VMware. VMMs are widely used today, e.g. for server consolidation, honeypots/honeynets or forensic/antivirus purposes. There are several exciting issues regarding VMMs, e.g.: 1. Can code reliably determine whether it is running inside a virtual machine or on a native system? 2. Is it possible to escape from a VM (to reach the host OS or to manipulate other VMs)? If you find this subject as exciting as I do, you can find some of my writings, code, findings etc. about VMMs here.

IT Forensic - I have written some tools to assist forensic analysis. If you are interested in this subject, have a look here.

SSL Cert/Key Finder - If you are interested in how to extract RSA private keys and certificates from process memory, have a look here.