|
Richard Johnson [email protected] |
||
|
BIO
Richard Johnson is a computer security specialist who spends his time playing
in the realm of software vulnerability analysis. Richard currently fills the
role of Principal Research Engineer on Sourcefire's Vulnerability Research
Team, offering 10 years of expertise in the software security industry. Current
responsibilities include research on exploitation technologies and automation of
the vulnerability triage and discovery process. Past areas of research include
memory management hardening, compiler mitigations, disassembler and debugger
design, and software visualization. Richard has released public code for
binary integrity monitoring, program debugging, and reverse engineering and has
presented at 18 conferences worldwide since 2004 Richard is also a co-founder
of the Uninformed Journal and a long time resident of the Hick.org ranch.
Many thanks to Rodrigo Rubira Branco at kernelhacking.com for his contribution to md5verify. Users can now enjoy the option of SHA1 hashes and LSM integration. |
PRESENTATIONS
Razorback Framework
Gigacon, Warsaw, Poland, September 2011 pptx Razorback Framework Internet Security Days, Bruehl, Germany, September 2011 pptx Improving Software Security with Dynamic Binary Instrumentation SOURCE, Seattle, Washington, June 2011 pptx A Castle Made of Sand: Adobe Reader X Sandbox Hackito Ergo Sum, Paris, France, April 2011 pptx (minor update) A Castle Made of Sand: Adobe Reader X Sandbox CanSecWest, Vancouver, B.C. Canada, March 2011 pdf pptx Harder, Better, Faster, Stronger: Semi-Auto Vulnerability Research Blue Hat, Redmond, Washington, October 2010 slides paper Harder, Better, Faster, Stronger: Semi-Auto Vulnerability Research Black Hat USA, Las Vegas, Nevada, August 2010 slides paper video Visualizing Software Security Blue Hat, Redmond, Washington, October 2008 pptx Visualizing Software Security VizSec, Cambridge, Massasschusetts, September 2008 pptx Fast n Furious Transforms Toorcon Seattle, Seattle, Washington, April 2008 pdf pptx AutoHacking with Phoenix Enabled Data Flow Analysis Toorcon 9, San Diego, California, October 2007 pdf pptx Logical Fuzzing VNSECON, Ho Chi Minh, Vietnam, August 2007 pdf pptx Memory Allocator Attack and Defense Toorcon Seattle, Seattle, Washington, May 2007 pptx Windows Vista: Exploitation Countermeasures EuSecWest, London, England, March 2007 ppt Windows Vista: Exploitation Countermeasures Toorcon 8, San Diego, California, September 2006 ppt Disassembler Internals II 22nd Chaos Communication Congress, Berlin, Germany, December 2005 pdf codis.tar.gz idastruct.tar.gz codis.png x86 Disassembler Internals Toorcon 7, San Diego, California, September 2005 pdf codis.tar.gz codis screenshot Automated Debugging and Process Analysis Interz0ne IV, Atlanta, Georgia, March 2005 pdf dltrace-0.5.tar.bz2 dltrace.README Hooking the Linux ELF Loader Toorcon 6, San Diego, California, October 2004 pdf md5verify A Comparison of Buffer Overflow Prevention Implementations and Weaknesses Defcon 12, Las Vegas, Nevada, July 2004 pdf avtp.tar.gz avtp.README A Comparison of Buffer Overflow Prevention Implementations and Weaknesses Black Hat USA, Las Vegas, Nevada, July 2004 pdf avtp.tar.gz avtp.README Advanced Shellcode Implementations Interz0ne III, Atlanta, Georgia, April 2004 |
PROJECTS
RESOURCES
LINKS
|
