Welcome to Errata Security
Home Events Blog About Us Contact Us
space News space Services space Research
Errata Security Research Prototype Development Publications
Research is the basis for everything Errata Security produces. Exploits developed for the testing of Hacker Eye View reports are also used by our professional services and product testing teams. Techniques for product testing are used to develop evasion techniques that fuel exploit development for Hacker Eye View reports and to be used by professional services. Real world information gathered by our consultants is applied to both product testing and Hacker Eye View analysis.
Errata Security Public Research
09.7.2009 TwiGUARD site launched to research social networking threats.

TwiGUARD is a research project to help Errata understand, track, and block threats that are appearing on social networks like Twitter. TwiGUARD is the testbed for the first Social Content Firewall (SCF), or the process of providing 3rd party protection for a cloud based resource. The TwiGUARD project is broken down into 3 phases. The first phase is the collection of information regarding threats and how they propagate. The second phase is the analysis of the data and applying it to twitter by way of a 3rd party twitter portal and mobile twitter client. The 3rd phase is when this technology is opened tot he public. Information about the twitter, TwiGUARD, and its findings will be posted on the Errata Security blog or on the TwiGUARD Analysts page.

TwiGUARD can be found here.

06.27.2008 AxBan 1.5 available

AxBan blocks known bad ActiveX Controls from running on your computer.

The newest version, AxBan 1.5 downloads a current copy of the ActiveX Control list at launch from an XML page. Added copy feature and information screen. 

The new version of the tool is available here.
06.24.2008 Windows Mobile Registry Viewer available

Small lightweight tool for viewing the Windows Mobile Registry. Screenshots are available here.

This unsupported version of the tool is available here.

05.28.2008 AxBan 1.0.0.4 available

Added checks for Creative Software AutoUpdate Engine, and unkillbit function. 

05.22.2008 AxBan 1.0 available

AxBan allows users to control the growing problem of bad ActiveX controls.

04.06.2008 LookingGlass 1.1 available

LookingGlass 1.1 contins new functionality and bugfixes.
The new version of the tool is available here.

02.29.2008 LookingGlass 1.0 available

LookingGlass is a tool to check what security features a binary is using like ASLR and NX.
The new version of the tool is available here.

01.10.2008 Ferret 1.1 available

Ferret 1.1 contins new functionality and bugfixes.
The new version of the tool is available here.

09.19.2007 Research paper on kernel exploits released

David Maynor published a paper detailing the infamous Apple 802.11 flaw that allows a remote attacker to take control of a victim machine.
The paper is availble from Uninformed here.

08.03.2007 Sidejacking with Hamster

The Ferret and Hamster tools from Blackhat Vegas 2007.
Download the code here.

03.11.2007 Metasploit on the N800

There was a post on the Errata Security blog about getting Metasploit running on a N800. Here are the detailed instructions.
Metasploit N800 instructions are here.

03.01.2007 Ferret 1.0

The Data Seepage tool that was demonstrated at Blackhat DC 2007. This includes the Windows build and source code.
The Ferret page is here.