Intelligence is knowing what to do

when you don't know what to do

Technical Papers & Presentations

These white papers, technical papers and presentations have been given all over the world at security conferences. We have collected them here to let you quickly examine Immunity's expertise.
Unveiling the Underground World of Anti-Cheats
Joel Noguera Recon Montreal 2019 June 29th, 2019
Black Hat Europe 2019 December 5th, 2019 PDF - Recon PDF - Black Hat
Kernel Memory Disclosures & CANVAS (Part 1, Part 2)
CANVAS Team November 13th, 2018 PDF #1 PDF #2
The Unbearable Lightness of BMC
Nico Waisman + Matias Soler BlackHat USA 2018 August 8th, 2018 PDF #1 PDF #2
Kostya Kortchinsky May 26th, 2010 PDF
Vulnerability Assessment Tools vs. Penetration Testing Suites
Sean Heelan Jan 6th, 2009 PDF
Code Analysis Carpentry
Sean Heelan Dec 7th, 2010 PDF
Aleatory Persistent Threat
Nico Waisman Dec 6th, 2010 PDF
Padding Oracle for the Masses
Nico Waisman Dec 6th, 2010 PDF
Pablo Sole September 20th, 2010 PDF
Aleatory Persistent Threat
Nico Waisman August 3rd, 2010 PDF
Applying Taint Analysis and Theorem Proving to Exploit Development
Sean Heelan July 16th, 2010 PDF
Why Attackers Win
Dave Aitel June 16th, 2010 ZIP
Confidence: General Notes About Exploiting Windows x64
Sebastian Fernandez May 25th, 2010 PDF
Gustavo Scotti December 21st, 2009 PDF
Exploit Categories Explained
Alex McGeorge November 30th, 2009 PDF
Rich Smith BlackHat Europe 2009 April 16th, 2009 PDF #1 PDF #2
CanSecWest Keynote: Writing User-Friendly Exploits
Skylar Rampersaud CanSecWest 2009 March 19th, 2009 PDF
Pablo Sole November 8th, 2008 PDF
Economies of Scale in Hacking
Dave Aitel October 4th, 2008 PDF
Dave Aitel September 25th, 2008 PDF
Attacking Embedded Languages
Pablo Sole June 16th, 2008 ODP
Exploiting Kernel Pool Overflows
Kostya Kortchinsky June 11th, 2008 ODP
The I2OMGMT Driver Impersonation Attack
Justin Seitz June 11th, 2008 PDF ODT
The Hacker Strategy*
Dave Aitel * Updated for Harvard ABCD meeting March 28th, 2008 PDF
IO Immunity Style
Sinan Eren February 29th, 2008 PDF
The Hacker Strategy
Dave Aitel S4 SCADA Conference Keynote January 26th, 2008 PDF
Going Against The Gradient
January 22nd, 2008 PDF ODT (Open Office)
Beyond Fast Flux
December 14th, 2007 PDF ODP (Open Office Presentation)
Exploit Development with Immunity Debugger
November 23rd, 2007 ODP (Open Office Presentation)
Intelligent Debugging
Damian Gomez August 10th, 2007 PDF ODP (Open Office Presentation)
Understanding and Bypassing Windows Heap Protection
Nicolas Waisman July 6th, 2007 PDF ODP (Open Office Presentation)
The IPO of 0days
Justine Aitel July 6th, 2007 PDF ODP (Open Office Presentation)
CANVAS Command Line Executer
Dave Aitel April 8th, 2007 ODT (Open Office paper)
Macro-Reliability in Win32 Exploits
Kostya Kortchinsky April 8th, 2007 ODP (Open Office Presentation)
Remote Language Detection
Dave Aitel December 6th, 2006 ODT (Open Office Paper)
MSRPC Fuzzing
Dave Aitel August 30th, 2006 ODT (Open Office paper) ODP (Open Office presentation)
Dave Aitel February 13th, 2006 PDF ODP (Open Office presentation) TGZ source
Nematodes (updated)
Dave Aitel January 26th, 2006 PDF ODP (Open Office presentation) VisualSploit Preliminary Flash Demo
Webmin: Perl Format String Bugs Case Study
Bas Alberts November, 2005 PDF
Dave Aitel September 29th, 2005 PDF SXI (Open Office)
The zlib infate_table bug: from patch to playtime
Bas Alberts July, 2005 PDF
Practical IDS Evasion
Dave Aitel May 9th, 2005 SXI (Open Office)
Exploiting the PHP_Limit bug
Bas Alberts February 28th, 2005 PDF
0days: How Hacking Really Works
Dave Aitel January 29th, 2005 PDF SXI (Open Office) HTML
The CANVAS Reference Implementation
Dave Aitel October 12th, 2004 SXI (Open Office)
Advanced Ordnance 2
Dave Aitel October 12th, 2004 PDF SXI (Open Office)
Microsoft Windows, a lower Total Cost of Ownership
Dave Aitel August 12th, 2004 PDF SXW (Open Office)
Beyond Best Practices (Given at OWASP AppSec 2004)
Dave Aitel June 21st, 2004 SXI (Open Office)
Rapid Application Development in Linux using pyGTK
Dave Aitel May 19th, 2004 SXI (Open Office)
Enterprise Specific Software Security Issues
March 1st, 2004 SXW (Open Office)
The Advantages of Block-Based Protocol Analysis for Security Testing
February 4th, 2003 PDF SXW (Open Office) HTML Text Post Script
Using SPIKE 101
July 29th, 2002 Power Point Real Media
Vivisection of an Exploit Development Process
February 24th, 2003 Power Point Real Media
Windows Exploitation for Unix Hackers
May 1st, 2003 Power Point
September 29th, 2003 Power Point
Advanced MOSDEF
January 27th, 2003 Open Office
Linux Heap Overflow Techniques
Nicolas Waisman March 1st, 2003 Power Point
Microsoft Heap Overflows I/II
September 12th, 2003 PDF SXW
Microsoft Heap Overflows II/II
September 12th, 2003 PDF SXW