Saturday, 19. May 2012
ClubHACK Magazine May 2012
Am Saturday, 19. May 2012 im Topic 'Books change the World'
Contents:
Tech Gyan: Steganography over converted channels
Security and privacy have been a concern for people for centuries. Whether it is private citizens, governments, military, or business, it seems everyone has information that needs to be kept private and out of the hands of unintended third parties. Information wants to be free but it is necessary to keep information private. That need has come about because governments have sensitive information, corporations send confidential financial records, and individuals send personal information to others and conduct financial transactions online. Information can be hidden so it cannot be seen. The information can also be made undecipherable. This is accomplished using steganography and cryptography.
Legal Gyan: Section 66C – Punishment for identity theft
The term identity theft was coined in 1964. However, it is not literally possible to steal an identity so the term is usually interpreted with identity fraud or impersonation. Identity Theft is a form of stealing someone’s identity by pretending to be someone else typically in order to access resources or obtain credit and other benefits in that person’s name.
Tool Gyan: Kautilya
One liner about Kautilya – Kautilya is a toolkit which makes it easy to use USB Human Interface Device (like Teensy++), in breaking into a system. Now let’s understand what does that mean. First let’s understand Teensy++ (I will use Teensy for Teensy++ from now on). It is a USB HID which could be used as a programmable keyboard, mouse, joystick and serial monitor. What could go wrong? Imagine a programmable keyboard, which when connected to a system types out commands pre-programmed in it. It types faster than you and makes no mistakes. It can type commands and scripts and could use an operating system against itself, that too in few seconds. If you can program the device properly keeping in mind most of the possibilities and quirks it could be a really nice pwnage device.
Matriux Vibhag: How to enable WiFi on Matriux running inside VMWare
One of the most commonly asked question on Matriux forums and IRC is how to enable and work with WiFi on a Matriux instance running inside VMWare or any other virtualization software. This tutorial will take you step by step on how to do that. For this tutorial, I am running VMware® Workstation on a Windows 7 Enterprise N Edition which is my Host machine. The Matriux is (obviously) my guest operating system running “Krypton” v1.2. I am using a D-Link DWA-125 Wireless N 150 USB Adapter for this tutorial.
Mom’s Guide: HTTPS (Hyper Text Transfer Protocol Secure)
Hypertext Transfer Protocol (HTTP) is a protocol where communication happens in clear text. To ensure authenticity, confidentiality and integrity of messages Netscape designed HTTPS protocol. Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL (Secure socket layer)/TLS (Transport layer security) protocol. It provides encrypted communication and secure identification of a network web server. HTTPS encrypts and decrypts the page requests and page information between the client browser and the web server using a secure Socket Layer (SSL). HTTPS by default uses port 443 as opposed to the standard HTTP port of 80. URL’s beginning with HTTPS indicate that the connection between client and browser is encrypted using SSL.
Code Gyan: Don’t Get Injected – Fix Your Code
When I began doing security review for web applications, one common issue that I encountered was ‘SQL Injection’. Developers used to pose several questions at me saying that their software is secure as they had followed several measures to mitigate this insidious issue. The main mitigation adopted was to use Stored Procedures or input validation. While this does reduce certain type of Injections, It doesn’t prevent all. In this article, I will explain what SQL Injection is and what one can do to prevent it.
Download
http://chmag.in/issue/may2012.pdf
Tech Gyan: Steganography over converted channels
Security and privacy have been a concern for people for centuries. Whether it is private citizens, governments, military, or business, it seems everyone has information that needs to be kept private and out of the hands of unintended third parties. Information wants to be free but it is necessary to keep information private. That need has come about because governments have sensitive information, corporations send confidential financial records, and individuals send personal information to others and conduct financial transactions online. Information can be hidden so it cannot be seen. The information can also be made undecipherable. This is accomplished using steganography and cryptography.
Legal Gyan: Section 66C – Punishment for identity theft
The term identity theft was coined in 1964. However, it is not literally possible to steal an identity so the term is usually interpreted with identity fraud or impersonation. Identity Theft is a form of stealing someone’s identity by pretending to be someone else typically in order to access resources or obtain credit and other benefits in that person’s name.
Tool Gyan: Kautilya
One liner about Kautilya – Kautilya is a toolkit which makes it easy to use USB Human Interface Device (like Teensy++), in breaking into a system. Now let’s understand what does that mean. First let’s understand Teensy++ (I will use Teensy for Teensy++ from now on). It is a USB HID which could be used as a programmable keyboard, mouse, joystick and serial monitor. What could go wrong? Imagine a programmable keyboard, which when connected to a system types out commands pre-programmed in it. It types faster than you and makes no mistakes. It can type commands and scripts and could use an operating system against itself, that too in few seconds. If you can program the device properly keeping in mind most of the possibilities and quirks it could be a really nice pwnage device.
Matriux Vibhag: How to enable WiFi on Matriux running inside VMWare
One of the most commonly asked question on Matriux forums and IRC is how to enable and work with WiFi on a Matriux instance running inside VMWare or any other virtualization software. This tutorial will take you step by step on how to do that. For this tutorial, I am running VMware® Workstation on a Windows 7 Enterprise N Edition which is my Host machine. The Matriux is (obviously) my guest operating system running “Krypton” v1.2. I am using a D-Link DWA-125 Wireless N 150 USB Adapter for this tutorial.
Mom’s Guide: HTTPS (Hyper Text Transfer Protocol Secure)
Hypertext Transfer Protocol (HTTP) is a protocol where communication happens in clear text. To ensure authenticity, confidentiality and integrity of messages Netscape designed HTTPS protocol. Hypertext Transfer Protocol Secure (HTTPS) is a combination of the Hypertext Transfer Protocol (HTTP) with the SSL (Secure socket layer)/TLS (Transport layer security) protocol. It provides encrypted communication and secure identification of a network web server. HTTPS encrypts and decrypts the page requests and page information between the client browser and the web server using a secure Socket Layer (SSL). HTTPS by default uses port 443 as opposed to the standard HTTP port of 80. URL’s beginning with HTTPS indicate that the connection between client and browser is encrypted using SSL.
Code Gyan: Don’t Get Injected – Fix Your Code
When I began doing security review for web applications, one common issue that I encountered was ‘SQL Injection’. Developers used to pose several questions at me saying that their software is secure as they had followed several measures to mitigate this insidious issue. The main mitigation adopted was to use Stored Procedures or input validation. While this does reduce certain type of Injections, It doesn’t prevent all. In this article, I will explain what SQL Injection is and what one can do to prevent it.
Download
http://chmag.in/issue/may2012.pdf
Friday, 20. April 2012
Javascript Deobfuscation
Am Friday, 20. Apr 2012 im Topic 'Books change the World'
Table of Contents
Preface 3
Reasons for JavaScript Obfuscation
Javascript Minifiers vs Obfuscators
Methods of JavaScript Obfuscation
Basic JavaScript Obfuscation
Blackhole Exploit Kit
Breaking Point Obfuscated JS Challenge
JS Obfuscation in MetaSploit Framework
Conclusion
References
Download PDF
http://www.exploit-db.com/wp-content/themes/exploit/docs/18746.pdf
Preface 3
Reasons for JavaScript Obfuscation
Javascript Minifiers vs Obfuscators
Methods of JavaScript Obfuscation
Basic JavaScript Obfuscation
Blackhole Exploit Kit
Breaking Point Obfuscated JS Challenge
JS Obfuscation in MetaSploit Framework
Conclusion
References
Download PDF
http://www.exploit-db.com/wp-content/themes/exploit/docs/18746.pdf
Thursday, 19. April 2012
CHMag's Issue 27, April 2012
Am Thursday, 19. Apr 2012 im Topic 'Books change the World'
This issue covers following articles:-
0x00 Tech Gyan - XSS – The Burning issue in Web Application
0x01 Tool Gyan - Sysinternals Suite
0x02 Mom's Guide - Decoding ROT using the Echo and Tr Commands in your
Linux Terminal
0x03 Legal Gyan - Provisions of Sec. 66B
0x04 Matriux Vibhag - How to enable WiFi on Matriux running inside VMWare
0x05 Code Gyan - Local File Inclusion
Download PDF
http://chmag.in/issue/apr2012.pdf
0x00 Tech Gyan - XSS – The Burning issue in Web Application
0x01 Tool Gyan - Sysinternals Suite
0x02 Mom's Guide - Decoding ROT using the Echo and Tr Commands in your
Linux Terminal
0x03 Legal Gyan - Provisions of Sec. 66B
0x04 Matriux Vibhag - How to enable WiFi on Matriux running inside VMWare
0x05 Code Gyan - Local File Inclusion
Download PDF
http://chmag.in/issue/apr2012.pdf
Wednesday, 18. April 2012
HITB Magazine Issue 008 April
Am Wednesday, 18. Apr 2012 im Topic 'Books change the World'
Contents:
FEATURED ARTICLE: Online Security at the Crossroads
NETWORK SECURITY: The Exploit Distribution Mechanism in Browser Exploit Packs and Reverse Shell Traffic Obfuscation
WINDOWS SECURITY: The Story of CVE-2011-2018 exploitation
CISSP ® CORNER: Jobs and Certifications Looking at the 2012 Landscape
FROM THE BOOKSHELF: Practical Malware Analysis and The Tangled Web
BOOK REVIEW: A Bug Hunter’s Diary
Download PDF
http://magazine.hitb.org/issues/HITB-Ezine-Issue-008.pdf
FEATURED ARTICLE: Online Security at the Crossroads
NETWORK SECURITY: The Exploit Distribution Mechanism in Browser Exploit Packs and Reverse Shell Traffic Obfuscation
WINDOWS SECURITY: The Story of CVE-2011-2018 exploitation
CISSP ® CORNER: Jobs and Certifications Looking at the 2012 Landscape
FROM THE BOOKSHELF: Practical Malware Analysis and The Tangled Web
BOOK REVIEW: A Bug Hunter’s Diary
Download PDF
http://magazine.hitb.org/issues/HITB-Ezine-Issue-008.pdf
Wednesday, 28. March 2012
How to undetect a crypter
Am Wednesday, 28. Mar 2012 im Topic 'Books change the World'
So learn what exactly is crypter and how to make it and how to undetect it in this ebook.
i haven't read it but i got it from internet but i have head good reviews about this.
This ebook is mainly for the people who loves to code and covers basic to intermediate stuff about the crypters.
Download PDF
http://www.sendspace.com/file/0n55b9
Pass: bluep22
by
Dasyam
i haven't read it but i got it from internet but i have head good reviews about this.
This ebook is mainly for the people who loves to code and covers basic to intermediate stuff about the crypters.
Download PDF
http://www.sendspace.com/file/0n55b9
Pass: bluep22
by
Dasyam
Monday, 26. March 2012
Best of PenTest
Am Monday, 26. Mar 2012 im Topic 'Books change the World'
PenTest Magazine is one year old now.
The very special issue - The Best of PenTest.
32 best articles from 28 PenTest issues - 203 pages of reading.
Download PDF
http://pentestmag.com/the-best-of-pentest-012012/
The very special issue - The Best of PenTest.
32 best articles from 28 PenTest issues - 203 pages of reading.
Download PDF
http://pentestmag.com/the-best-of-pentest-012012/
Monday, 19. March 2012
(IN)SECURE - Magazine Special
Am Monday, 19. Mar 2012 im Topic 'Books change the World'
Contents:
News from RSA Conference 2012
Information security within emerging markets
Evolving security trends in smartphone and mobile computing
The biggest problem in application security today
RSA Conference 2012 award winners
Innovation Sandbox
Download PDF
http://www.net-security.org/dl/insecure/INSECURE-Mag-RSA2012.pdf
News from RSA Conference 2012
Information security within emerging markets
Evolving security trends in smartphone and mobile computing
The biggest problem in application security today
RSA Conference 2012 award winners
Innovation Sandbox
Download PDF
http://www.net-security.org/dl/insecure/INSECURE-Mag-RSA2012.pdf
ClubHACK Magazine March 2012
Am Monday, 19. Mar 2012 im Topic 'Books change the World'
Contents :
Tech Gyan: Network Security
Computer Networks are the back bone of all organizations which rely on Information Technology (IT) and are the primary entry point for users to access the Information resources of an organization. Networks today are no longer limited within the physical location of an organization, but are required to be accessible from anywhere in the world which makes it vulnerable to several threats.
Legal Gyan: Section 66A – Sending offensive or false messages
From this article onwards we will look at those sections.
With internet and telecommunication virtually controlling communication amongst people, amendments in the Information Technology Act, 2000 (IT Act) have made it clear that transmission of any text, audio or video that is offensive or has a menacing character can land a sender in jail. The punishment will also be attracted if the content is false and has been transmitted for the purpose of causing annoyance, inconvenience, danger or insult.
Tool Gyan: Who wants to be a Millionaire
Everyone wants to be Millionaire and this article is just going to tell you how you can become one. The Web 2.0 has opened lots of opportunities and possibilities along with lots of security issues. One of the popular technology is “Flash” along with its never ending security issues. People laugh when they hear the terms “Flash” and “Security” together. Industry experts say that Flash is actually moving the ball towards ease of use and functionality and thus compromises on security.
Matriux Vibhag: EtherApe – Graphical Network Monitoring
Hello readers, we are back again with a new release, Matriux Krypton v1.2 at nullcontritiya,Goa 2012. Thank you for your support throughout these years that we are able to bring in the bigger and better security solutions. This version includes some great features with 300 powerful penetration testing and forensic tools. The UI is made more elegant and faster. Based on Debian Squeeze with a custom compiled kernel 2.3.39-krypton Matriux is the fastest distribution of its kind and runs easily on a p-IV with as low as 256MB RAM and just 6GB HDD. Included new tools like reaver-wps, androguard, apkinspector, ssh server and many more.
Mom’s Guide: Protect your privacy online with ’TOR’
Let’s begin with what Tor means: The Onion Router. A router is a device that handles your request to go from your home, office, mobile connection to a website or a web service. If you write in your browser URL bar http://chmag.in and hit return, you’ll send your request to your ISP router, which will send the request to another router and so on, until you reach the CHmag ISP router, and finally get your page back. Every one of these steps is called a “hop”.
Download PDF
http://chmag.in/issue/mar2012.pdf
Tech Gyan: Network Security
Computer Networks are the back bone of all organizations which rely on Information Technology (IT) and are the primary entry point for users to access the Information resources of an organization. Networks today are no longer limited within the physical location of an organization, but are required to be accessible from anywhere in the world which makes it vulnerable to several threats.
Legal Gyan: Section 66A – Sending offensive or false messages
From this article onwards we will look at those sections.
With internet and telecommunication virtually controlling communication amongst people, amendments in the Information Technology Act, 2000 (IT Act) have made it clear that transmission of any text, audio or video that is offensive or has a menacing character can land a sender in jail. The punishment will also be attracted if the content is false and has been transmitted for the purpose of causing annoyance, inconvenience, danger or insult.
Tool Gyan: Who wants to be a Millionaire
Everyone wants to be Millionaire and this article is just going to tell you how you can become one. The Web 2.0 has opened lots of opportunities and possibilities along with lots of security issues. One of the popular technology is “Flash” along with its never ending security issues. People laugh when they hear the terms “Flash” and “Security” together. Industry experts say that Flash is actually moving the ball towards ease of use and functionality and thus compromises on security.
Matriux Vibhag: EtherApe – Graphical Network Monitoring
Hello readers, we are back again with a new release, Matriux Krypton v1.2 at nullcontritiya,Goa 2012. Thank you for your support throughout these years that we are able to bring in the bigger and better security solutions. This version includes some great features with 300 powerful penetration testing and forensic tools. The UI is made more elegant and faster. Based on Debian Squeeze with a custom compiled kernel 2.3.39-krypton Matriux is the fastest distribution of its kind and runs easily on a p-IV with as low as 256MB RAM and just 6GB HDD. Included new tools like reaver-wps, androguard, apkinspector, ssh server and many more.
Mom’s Guide: Protect your privacy online with ’TOR’
Let’s begin with what Tor means: The Onion Router. A router is a device that handles your request to go from your home, office, mobile connection to a website or a web service. If you write in your browser URL bar http://chmag.in and hit return, you’ll send your request to your ISP router, which will send the request to another router and so on, until you reach the CHmag ISP router, and finally get your page back. Every one of these steps is called a “hop”.
Download PDF
http://chmag.in/issue/mar2012.pdf
Tuesday, 13. March 2012
ClubHack Magazine Issue 26, March 2012
Am Tuesday, 13. Mar 2012 im Topic 'Books change the World'
This issue covers following articles:-
0x00 Tech Gyan - Network Security
0x01 Tool Gyan - Who wants to be a Millionaire
0x02 Mom's Guide - Protect your privacy online with ’TOR’
0x03 Legal Gyan - Section 66A - Sending offensive or false messages
0x04 Matriux Vibhag - EtherApe – Graphical Network Monitoring
0x05 Poster
Download PDF
http://chmag.in/issue/mar2012.pdf
0x00 Tech Gyan - Network Security
0x01 Tool Gyan - Who wants to be a Millionaire
0x02 Mom's Guide - Protect your privacy online with ’TOR’
0x03 Legal Gyan - Section 66A - Sending offensive or false messages
0x04 Matriux Vibhag - EtherApe – Graphical Network Monitoring
0x05 Poster
Download PDF
http://chmag.in/issue/mar2012.pdf
Thursday, 23. February 2012
Google AdSense Secrets 5.0
Am Thursday, 23. Feb 2012 im Topic 'Books change the World'
*How to Claim Your Share of The Multi-Billion Dollar AdSense Pie
*Ways to Build An Adsense Ready Website Without a Domain or Hosting
*Secrets to Tweaking and Optimizing your Ads for Maximum Revenue
*How to use Google's Custom Search engine to Catch Fickle Visitors
*Special Code to Influence Your Ads with Section Targeting and Keywords
*How to Understand your AdSense Stats, Channels and Split Testing
Download PDF
http://depositfiles.com/files/rq4xjhc37
http://www.filesonic.com/file/958307384/G00gle_adsen5.rar
by
Amarjit Singh
*Ways to Build An Adsense Ready Website Without a Domain or Hosting
*Secrets to Tweaking and Optimizing your Ads for Maximum Revenue
*How to use Google's Custom Search engine to Catch Fickle Visitors
*Special Code to Influence Your Ads with Section Targeting and Keywords
*How to Understand your AdSense Stats, Channels and Split Testing
Download PDF
http://depositfiles.com/files/rq4xjhc37
http://www.filesonic.com/file/958307384/G00gle_adsen5.rar
by
Amarjit Singh
... ältere Einträge