Analysis

June 14, 2009

Precall and Postcall

When using hooking technology to intercept system calls, there are two different places to collect information: before the original function is called (precall) and after the […]
June 7, 2009

Get system call address from SSDT

One difference between Qebek and other existing virtualization-based honeypot monitoring tools is that I want to ‘hook’ the function of system service instead of the […]
May 27, 2009

Honeybrid: combining low and high interaction honeypots

The goal of this post is to introduce myself and my project: my name is Robin Berthier and I just got my PhD from the University […]
May 27, 2009

Introducing Glastopf, a Web Application Honeypot

Hello, this initial blog post is used to introduce me and to provide a brief overview of my GSoC Project. My name is Lukas Rist (my […]
April 24, 2009

LEET09 Paper: PhoneyC: A Virtual Client Honeypot

Earlier this week I had the good fortune to be in Boston for LEET09, a workshop on exploits, malware, and large-scale trends. I presented on PhoneyC, […]
March 2, 2009

Annual Honeynet Workshop

Once a year the Honeynet Project brings together members from around the world for a one week workshop on honeypot research, development and deployments.  This year’s […]
February 12, 2009

Mexican Chapter – Annual Report

=== ORGANIZATION === The Mexican HP Chapter members are: Miguel Hernández y López (miguel_at_honeynet.org.mx), Hugo Gonzalez Robledo (hugo_at_honeynet.org.mx) === DEPLOYMENTS === * Capture HP deployment and a nepenthes sensor in several […]
December 8, 2008

My usenix WASL 2008 slides are available

I gave a lecture on Picviz during the Usenix Workshop on the Analysis of System Logs (WASL 2008). My slides ‘Picviz: finding a needle in a […]
November 4, 2008

MS08-067 exploitation in the wild

(This article was originally published at http://honeytrap.mwcollect.org/msexploit.) If you followed IT security related blogs or mailing lists lately, you are aware that a critical server service vulnerability […]