While some excellent researches have been done addressing OS based protection (such as: DEP and ASRL), the Exploit Next Generation� (ENG++) Compliance Methodology addresses the security designed solutions, and gets a powerful approach when combined with other techniques.
That is the very first definition of "Z-Day Attacks" concept:
"Any new attack exploitation variant that cannot be detected by regular security solutions and/or products."
The ENG++ (pronounced /en'jin/ incremented):
Is more a methodology than a single tool.
Requires a deep knowledge of vulnerability.
Helps to create new exploit variants, maintaining the reliability.:
Penetration test;
Exploit Development;
Security Solution Evasion Test;
Security Solution Quality Assurance;
Can be applied for any open attack frameworks, such as:
Metasploit Framework;
CORE Impact Pro; and
Immunity CANVAS Professional.
Download: http://code.google.com
{ 0 komentar... Views All / Send Comment! }
Posting Komentar