... neuere Einträge
Monday, 10. October 2011
WebBackdoors
Am Monday, 10. Oct 2011 im Topic 'Tutorials'
This paper provides insight on common web back doors and how simple manipulations could make them undetectable by AV and other security suits. Paper explains few techniques that could be used to render undetectable and unnoticed backdoor inside web applications.
This paper is mainly an update for an old paper of ours Effectiveness of Antivirus in Detecting Web Application Backdoors, which mainly questioned the effectiveness of AV with respect to web shells and analysis of a couple of web shells. Current paper takes this topic further and explains a couple of methodologies that could be used to make stealth application layer backdoors using web scripting languages .This paper explains various Web Backdoor attacks and evasion techniques that could be used to stay undetected
Download PDF
http://www.garage4hackers.com/blogs/8/attachments/101d1318227327-webbackdoors-attack-evasion-detection-cocon_paper.pdf
This paper is mainly an update for an old paper of ours Effectiveness of Antivirus in Detecting Web Application Backdoors, which mainly questioned the effectiveness of AV with respect to web shells and analysis of a couple of web shells. Current paper takes this topic further and explains a couple of methodologies that could be used to make stealth application layer backdoors using web scripting languages .This paper explains various Web Backdoor attacks and evasion techniques that could be used to stay undetected
Download PDF
http://www.garage4hackers.com/blogs/8/attachments/101d1318227327-webbackdoors-attack-evasion-detection-cocon_paper.pdf
Saturday, 1. October 2011
Hacking Your Android
Am Saturday, 1. Oct 2011 im Topic 'Tutorials'
Wednesday, 28. September 2011
Wpscan And Metasploit's Meterpreter
Am Wednesday, 28. Sep 2011 im Topic 'Tutorials'
Friday, 23. September 2011
BruCON Agnitio workshop
Am Friday, 23. Sep 2011 im Topic 'Tutorials'
Required for the Agnitio hands on demos:
A 32bit Windows Operating System (XP or 7 preferably – VM will be fine)
.NET framework 3.5 installed
Agnitio v2.0 installed
http://sourceforge.net/projects/agnitiotool/
Download the Pandemobium Android and iOS source code
https://github.com/denimgroup/Pandemobium
Download the selected vulnerable open source application
https://github.com/denimgroup/Pandemobium
by David Rook (Security Ninja)
A 32bit Windows Operating System (XP or 7 preferably – VM will be fine)
.NET framework 3.5 installed
Agnitio v2.0 installed
http://sourceforge.net/projects/agnitiotool/
Download the Pandemobium Android and iOS source code
https://github.com/denimgroup/Pandemobium
Download the selected vulnerable open source application
https://github.com/denimgroup/Pandemobium
by David Rook (Security Ninja)
Saturday, 3. September 2011
Cookies - Tell You Who You Are
Am Saturday, 3. Sep 2011 im Topic 'Tutorials'
With the success of Web applications, most of our data is now stored on various third-party servers where they are processed to deliver personalized services.
Download PDF
http://arxiv.org/PS_cache/arxiv/pdf/1108/1108.5864v1.pdf
by
Vincent Toubiana Vincent Verdot
Download PDF
http://arxiv.org/PS_cache/arxiv/pdf/1108/1108.5864v1.pdf
by
Vincent Toubiana Vincent Verdot
Friday, 2. September 2011
Step by Step guide for LFI (Local File Inclusion)
Am Friday, 2. Sep 2011 im Topic 'Tutorials'
This tutorial will guide you into the process of exploiting a website thru the LFI (Local File Inclusion).
Source
http://pastebin.com/ssSAVmcR
by
Amarjit Singh
Source
http://pastebin.com/ssSAVmcR
by
Amarjit Singh
Monday, 29. August 2011
Creating Binary Files on a Firewalled Server
Am Monday, 29. Aug 2011 im Topic 'Tutorials'
This article introduces techniques that an attacker, who has already access to execute commands on a server, could use to create binary files on server which has no internet access (firewalled) or web filtering (antivirus).
Download PDF
http://www.surgeonix.com/blog/downloads/Creating_Binary_Files_on_a_Firewalled_Server.pdf
by
SuRGeoNix
Download PDF
http://www.surgeonix.com/blog/downloads/Creating_Binary_Files_on_a_Firewalled_Server.pdf
by
SuRGeoNix
Saturday, 27. August 2011
OWASP Tutorial Series
Am Saturday, 27. Aug 2011 im Topic 'Tutorials'
Episode 1: Appsec Basics
Episode 2: SQL Injection
Episode 3: Cross Site Scripting (XSS)
Episode 2: SQL Injection
Episode 3: Cross Site Scripting (XSS)
Friday, 26. August 2011
Dissecting Java Server Faces for Penetration Testing
Am Friday, 26. Aug 2011 im Topic 'Tutorials'
This paper sheds light on the findings of security testing of Java
Server Faces. JSF has been widely used as an open source web framework
for developing efficient applications using J2EE. JSF is compared with
ASP.NET framework to unearth potential security flaws.
Download PDF
http://www.secniche.org/jsf/dissecting_jsf_pt_aks_kr.pdf
Server Faces. JSF has been widely used as an open source web framework
for developing efficient applications using J2EE. JSF is compared with
ASP.NET framework to unearth potential security flaws.
Download PDF
http://www.secniche.org/jsf/dissecting_jsf_pt_aks_kr.pdf
Wednesday, 24. August 2011
Upload a php shell
Am Wednesday, 24. Aug 2011 im Topic 'Tutorials'
uploading a shell
IPB Shell uploading
IPB Shell uploading
... ältere Einträge
