[Dailydave] Diversity Programs

Dave Aitel dave.aitel at gmail.com
Thu Aug 31 13:41:05 UTC 2017


So I wanted to quickly go over how important it is sometimes to write the
exploits from scratch. Honestly, we can't figure out what's wrong with the
MSF version of this exploit, or understand why Microsoft didn't point out
it was also a LPE. But it's worth knowing and seeing for yourself! A lot of
what you learn from writing exploits is simple serendipity because the
space is too big to exhaustively explore.

These sorts of "small" differences are why when we do sales calls and
people are like "I'm deciding between MSF Pro and CANVAS" I usually just
say "You're probably going to buy both." Even if there wasn't a major
difference between the exploits every AV and secondary protection measure
fails on one or the other of the frameworks.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.immunityinc.com/pipermail/dailydave/attachments/20170831/b4327ae4/attachment.html>

More information about the Dailydave mailing list