Security Research

by Alexander Sotirov

Navigation

Resources

Latest posts

• Assured Exploitation 2011
• You Should Work for Symantec
• CSAW final challenge
• CSAW reversing challenge
• Darknet design

Archives

• 2011 | 2010 | 2009 | 2008

Follow

• Twitter
• Blog feed

Contact

• alex@sotirov.net
• PGP key

Meet me at

• CanSecWest

  Vancouver, Mar 9-11

• Infiltrate

  Miami Beach, Apr 16-17

Presentations

2009

• Bypassing Memory Protections: The Future of Exploitation

  • USENIX Security, August 2009, Montreal

• Pwnie Awards 2009

  • BlackHat USA, August 2009, Las Vegas

• Breaking the Security Myths of Extended Validation SSL Certificates

  • CanSecWest, March 2009, Vancouver
  • BlackHat USA, August 2009, Las Vegas

2008

• Pwnie Awards 2008

  • BlackHat USA, August 2008, Las Vegas

• How to Impress Girls with Browser Memory Protection Bypasses

  • SyScan, July 2008, Singapore
  • BlackHat USA, August 2008, Las Vegas
  • ToorCon, September 2008, San Diego
  • BA-Con, October 2008, Buenos Aires

• Blackbox Reversing of Cross-Site Scripting Filters

  • Recon, June 2008, Montreal
  • ekoparty, October 2008, Buenos Aires

2007

• Reverse Engineering and the ANI Vulnerability

  • Stanford University, April 2007, Palo Alto
  • Google Tech Talk, May 2007, Mountain View

• Heap Feng Shui in JavaScript

  • BlackHat Europe, March 2007, Amsterdam
  • SyScan, July 2007, Singapore
  • BlackHat USA, August 2007, Las Vegas

2006

• Reverse Engineering and Computer Security

  • Security SIG, October 2006, Palo Alto

• Hotpatching and the Rise of Third-Party Patches

  • BlackHat USA, August 2006, Las Vegas

• Reverse Engineering Microsoft Binaries

  • CanSecWest, March 2006, Vancouver
  • Recon, June 2006, Montreal
  • SyScan, July 2006, Singapore

2003

• Exploit Code Development

  • University of Alabama, October 2003