Jump to content
Compatible Support Forums
Sign in to follow this  
neondrum

Context serves up new CANAPE security assessment tool at Black Hat Europe

Recommended Posts

March 16th 2012 - Context Information Security has been presenting its latest Windows security assessment tool at Black Hat Europe this week in Amsterdam. CANAPE extends the functionality of existing web application testing tools such as CAT, Burp or Fiddler in order to analyse complex network protocols.

 

“Testing and exploiting binary network protocols can be both complex and time consuming,†says Michael Jordon, research and development manager at Context. “In most cases, custom software needs to be developed to proxy, parse and manipulate the traffic; but CANAPE provides a simple user interface that facilitates the capture and replaying of binary network traffic, whilst delivering a powerful framework to develop parsers and fuzzers.â€

 

Context has been showcasing CANAPE in the famous Black Hat Arsenal event that allows independent researchers and the open source community to demonstrate their latest tools. Michael Jordon and James Forshaw, senior security consultant at Context, are also presenting CANAPE to the Black Hat conference audience today, on Friday 16 March. The presentation will include a worked example of using CANAPE to analyse the Citrix ICA binary protocol, allowing the discovery of a known heap corruption bug that can be used to gain remote code execution on Citrix clients.

 

For more information about CANAPE, please visit: www.contextis.com

 

For more information about Black Hat Europe, please visit:

https://www.blackhat.com/html/bh-eu-12/bh-eu-12-briefings.html

 

About Context

Context was launched in 1998 and has a client base that includes some of the world’s most high profile blue chip companies, alongside government organisations. An exceptional level of technical expertise underpins all Context services, while a detailed and comprehensive approach helps clients to attain a deeper understanding of security vulnerabilities, threats or incidents. The company’s strong track record is based above all, on the technical skills, professionalism, independence and integrity of its consultants.

Many of the world's most successful organisations turn to Context for technical assurance, incident response and investigation services. Context is also at the forefront of research and development in security technology. As well as publishing white papers and blogs addressing current and emerging security threats and trends, Context consultants are frequently invited to present at open and closed industry events around the world. Context delivers a comprehensive portfolio of advanced technical services t and with offices in the UK, Germany and Australia, is ideally placed to work with clients worldwide.

 

Issued by:

Context Information Security

Email: oasis[at]contextis[dot]com

www.contextis.com

 

For more information for editors, please contact:

Peter Rennison / Allie Andrews

PRPR,

Tel: + 44 (0)1442 245030

Email: pr[at]prpr[dot]co.uk / allie[at]prpr[dot]co.uk

 

Distributed on behalf of PRPR by NeonDrum news distribution service (http://www.neondrum.com)

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×