LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: September 19th, 2014
Linux Security Week: September 15th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Context serves up new CANAPE security assessment tool at Black Hat Europe Print E-mail
User Rating:      How can I rate this item?
Source: LinuxSecurity Contributors - Posted by Administrator   
Security Live presentation of bug discovery in Citrix ICA binary March 16th 2012 - Context Information Security has been presenting its latest Windows security assessment tool at Black Hat Europe this week in Amsterdam. CANAPE extends the functionality of existing web application testing tools such as CAT, Burp or Fiddler in order to analyse complex network protocols.

“Testing and exploiting binary network protocols can be both complex and time consuming,” says Michael Jordon, research and development manager at Context. “In most cases, custom software needs to be developed to proxy, parse and manipulate the traffic; but CANAPE provides a simple user interface that facilitates the capture and replaying of binary network traffic, whilst delivering a powerful framework to develop parsers and fuzzers.”

Context has been showcasing CANAPE in the famous Black Hat Arsenal event that allows independent researchers and the open source community to demonstrate their latest tools. Michael Jordon and James Forshaw, senior security consultant at Context, are also presenting CANAPE to the Black Hat conference audience today, on Friday 16 March. The presentation will include a worked example of using CANAPE to analyse the Citrix ICA binary protocol, allowing the discovery of a known heap corruption bug that can be used to gain remote code execution on Citrix clients.

For more information about CANAPE, please visit: www.contextis.com

For more information about Black Hat Europe, please visit:
https://www.blackhat.com/html/bh-eu-12/bh-eu-12-briefings.html

About Context
Context was launched in 1998 and has a client base that includes some of the world’s most high profile blue chip companies, alongside government organisations. An exceptional level of technical expertise underpins all Context services, while a detailed and comprehensive approach helps clients to attain a deeper understanding of security vulnerabilities, threats or incidents. The company’s strong track record is based above all, on the technical skills, professionalism, independence and integrity of its consultants.

Many of the world's most successful organisations turn to Context for technical assurance, incident response and investigation services. Context is also at the forefront of research and development in security technology. As well as publishing white papers and blogs addressing current and emerging security threats and trends, Context consultants are frequently invited to present at open and closed industry events around the world. Context delivers a comprehensive portfolio of advanced technical services t and with offices in the UK, Germany and Australia, is ideally placed to work with clients worldwide.

Issued by:
Context Information Security
Email: oasis[at]contextis[dot]com
www.contextis.com

For more information for editors, please contact:
Peter Rennison / Allie Andrews

PRPR,
Tel: + 44 (0)1442 245030
Email: pr[at]prpr[dot]co.uk / allie[at]prpr[dot]co.uk

Distributed on behalf of PRPR by NeonDrum news distribution service (http://www.neondrum.com)

Only registered users can write comments.
Please login or register.

Powered by AkoComment!

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Weekend Edition
Google to turn on encryption by default in next Android version
TOR users become FBI's No.1 hacking target after legal power grab
OWASP Releases Latest App Sec Guide
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.