Friday, 4. May 2012
Revelo – Javascript Deobfuscator
Am Friday, 4. May 2012 im Topic 'Tutorials'
While this tool does have some protections built into it, it may execute malicious code that could harm your computer so use it in a virtual machine. It’s been tested to run on Windows XP. There’s a helper document inside the zip file which includes safe samples to play with.
Features:
* Analyze a script quickly by loading a file or pasting in Javascript code
* Includes several methods to deobfuscate Javascript
* Includes a built-in browser proxy which displays the URL of outgoing requests
* Displays the Document Object Model (DOM) elements
* Includes a packet sniffer which logs incoming and outgoing requests
* Includes a software firewall to prevent the program from accessing Internet content accidentally
* Ability to act as a web proxy to catch and block redirects
* Beautifies Javascript code to make it more readable
* Ability to clear the browser cookies
* Ability to spoof the user-agent string
Download
http://www.mediafire.com/?6rdb8bwjo9jdylj
by
darryl
Features:
* Analyze a script quickly by loading a file or pasting in Javascript code
* Includes several methods to deobfuscate Javascript
* Includes a built-in browser proxy which displays the URL of outgoing requests
* Displays the Document Object Model (DOM) elements
* Includes a packet sniffer which logs incoming and outgoing requests
* Includes a software firewall to prevent the program from accessing Internet content accidentally
* Ability to act as a web proxy to catch and block redirects
* Beautifies Javascript code to make it more readable
* Ability to clear the browser cookies
* Ability to spoof the user-agent string
Download
http://www.mediafire.com/?6rdb8bwjo9jdylj
by
darryl
Tuesday, 24. April 2012
Sqlmap (Sqlinjection Web) Real Time
Am Tuesday, 24. Apr 2012 im Topic 'Tutorials'
Wednesday, 4. April 2012
The Art of Win32 Shellcoding
Am Wednesday, 4. Apr 2012 im Topic 'Tutorials'
Table of Contents
Introduction
Part 1: The Basics
What’s Shellcode?
The Types of Shellcode
Part 2: Writing Shellcode
Shellcode Skeleton
The Tools
Getting the Delta
Getting the Kernel32 imagebase
Getting the APIs
Null-Free byte Shellcode
Alphanumeric Shellcode
Egg-hunting Shellcode
Part 2: The Payload
Socket Programming
Bind Shell Payload
Reverse Shell Payload
Download & Execute Payload
Put All Together
Part 4: Implement your Shellcode into Metasploit
Conclusion
References
Appendix I – Important Structures
Info
http://www.codeproject.com/Articles/325776/The-Art-of-Win32-Shellcoding#ch2.1
Download source code
http://www.codeproject.com/KB/web-security/325776/win32-shellcode-src.zip
Introduction
Part 1: The Basics
What’s Shellcode?
The Types of Shellcode
Part 2: Writing Shellcode
Shellcode Skeleton
The Tools
Getting the Delta
Getting the Kernel32 imagebase
Getting the APIs
Null-Free byte Shellcode
Alphanumeric Shellcode
Egg-hunting Shellcode
Part 2: The Payload
Socket Programming
Bind Shell Payload
Reverse Shell Payload
Download & Execute Payload
Put All Together
Part 4: Implement your Shellcode into Metasploit
Conclusion
References
Appendix I – Important Structures
Info
http://www.codeproject.com/Articles/325776/The-Art-of-Win32-Shellcoding#ch2.1
Download source code
http://www.codeproject.com/KB/web-security/325776/win32-shellcode-src.zip
Cracking WPA/WPA2 - TUT
Am Wednesday, 4. Apr 2012 im Topic 'Tutorials'
Cracking the pre-shared key in five different ways:
1. Use aircrack-ng (without CUDA support) to crack the pre-shared key (slow)
2. Use Pyrit and Cowpatty to crack key on the fly (passthrough mode using CUDA) (faster than way 1)
3. Use Pyrit alone to crack key on the fly (attack_passthrough mode) (faster than way 2 and is most recommended)
4. Pyrit CUDA Batch Mode – Create rainbow tables with pyrit
5. Brute force with Crunch and Pyrit (not recommended)
Download PDF
http://www.uploadarea.de/upload/rmm2kr87l97gbeogv82n2u324.html
1. Use aircrack-ng (without CUDA support) to crack the pre-shared key (slow)
2. Use Pyrit and Cowpatty to crack key on the fly (passthrough mode using CUDA) (faster than way 1)
3. Use Pyrit alone to crack key on the fly (attack_passthrough mode) (faster than way 2 and is most recommended)
4. Pyrit CUDA Batch Mode – Create rainbow tables with pyrit
5. Brute force with Crunch and Pyrit (not recommended)
Download PDF
http://www.uploadarea.de/upload/rmm2kr87l97gbeogv82n2u324.html
Thursday, 29. March 2012
Become a Metasploit Expert ll
Am Thursday, 29. Mar 2012 im Topic 'Tutorials'
Tuesday, 27. March 2012
Using UPX As A Security Packer
Am Tuesday, 27. Mar 2012 im Topic 'Tutorials'
Whitepaper called Using UPX as a Security Packer. It goes into detail on how to use this tool and how to bring obfuscation into it.
Download PDF
http://packetstormsecurity.org/files/download/111072/Using_UPX_as_a_security_packer.pdf
Download PDF
http://packetstormsecurity.org/files/download/111072/Using_UPX_as_a_security_packer.pdf
Monday, 26. March 2012
SRP Bypass with gpdisable.exe (dll injection)
Am Monday, 26. Mar 2012 im Topic 'Tutorials'
Friday, 23. March 2012
HTML5 Top 10 Attacks and Exploits
Am Friday, 23. Mar 2012 im Topic 'Tutorials'
• ClickJacking & Phishing by mixing layers and iframe
• CSRF and leveraging CORS to bypass SOP
• Attacking WebSQL and client side SQL injection
• Stealing information from Storage and Global variables
• HTML 5 tag abuse and XSS
• HTML 5/DOM based XSS and redirects
• DOM injections and Hijacking with HTML 5
• Abusing thick client features
• Using WebSockets for stealth attacks
• Abusing WebWorker functionality
Download PDF
http://www.blackhat.com/html/bh-eu-12/bh-eu-12-archives.html#shah
• CSRF and leveraging CORS to bypass SOP
• Attacking WebSQL and client side SQL injection
• Stealing information from Storage and Global variables
• HTML 5 tag abuse and XSS
• HTML 5/DOM based XSS and redirects
• DOM injections and Hijacking with HTML 5
• Abusing thick client features
• Using WebSockets for stealth attacks
• Abusing WebWorker functionality
Download PDF
http://www.blackhat.com/html/bh-eu-12/bh-eu-12-archives.html#shah
DOJOCON 2010 Videos
Am Friday, 23. Mar 2012 im Topic 'Tutorials'
Wednesday, 7. March 2012
HOW TO FETCH USERNAME AND PASSWORD BY SOCIAL ENGINEERING TECHNOLOGIES
Am Wednesday, 7. Mar 2012 im Topic 'Tutorials'
by
ahaseckaser
... ältere Einträge