Nowadays Antivirus Software are the larger defense deployed in corporations and final user desktops (mail servers, file servers, http and ftp internet gateways, workstations, etc) and their engines are reused in the IPSs that the same vendors develop. This talk will be about the findings and lessons learned while targeting the antivirus software that most of companies and users use. The talk will focus mainly in the type of bugs found (stack based buffer overflows, heap overflows, integer issues, uninitialized variables, traversals, etc) and the techniques used to find them.
Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.
Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.