 |
| |
|  by: ZaiRoN - 2007-04-22 21:19:22 |
|
| | An introduction to rootkit reversing playing with Nailuj malware. |
|
| |
| |
|
| |
| | by: anilg - 2006-06-16 12:28:02 |
|
| | We'll create and discuss a very secure hash-based encryption algorithm. The encryption is performed by using the hash function as a PRNG (Pseudo Random Number Generator). The encryption mode may be CFB or OFB (and NOT ECB). |
|
| |
| |
|
| |
| | by: sefo - 2006-05-27 17:13:32 |
|
| | My experience on how to reverse a wmf exploit and understand how it works. |
|
| |
| |
|
| |
| |
| | This is part II of my lame and long reversing malware series. This is the rest of my article, it was originally one tutorial, but it was split in two after a week of chaos and battle across the universe! I take you through reversing the Gorgon trojan, a highly featured piece of malware. |
|
| |
| |
|
| |
| |
| | In this two-part series, I hope to convey several points of attacking the attacker, beating the creator at his own game while owning the malware that you are so accustomed to owning you. This paper is long and skews into a few tangents--Definately not an article for the faint of heart. |
|
| |
| |
|
| |
| |
| | A little registry trick that can help you avoid some spyware installation.... |
|
| |
| |
|
| |
| | by: w0lf - 2005-09-17 13:13:05 |
|
| | This is an article by Markus Ranum outlining what he thinks are the six dumbest ideas in computer security at the moment. He comes up with some very good points but manages to keep it light-hearted enough to make you chuckle at the same time. |
|
| |
| |
|
| |
| |
| | Get a client workstation, own the domain. |
|
| |
| |
|
| |
| |
| | Windows privilege escalation using Program.exe. |
|
| |
| |
|
| |
| |
| This tutorial will show you how to open up the "My Computer" Security zone in Internet Explorer to give you another layer of defense against malicious code embedded in Java and ActiveX scripts.
|
|
| |
| |
|
| |
| | by: TroPe - 2004-12-15 18:38:57 |
|
| | Let's look at what viruses are, the different types of viruses, and how each of these types infects your computer. |
|
| |
| |
|
| |
| | by: TroPe - 2004-12-13 16:34:38 |
|
| | Your code (and mine of course) is vulnerable to SQL injection attacks wherever it uses input parameters to construct SQL statements. I can't stress enough how risky this is. As with XSS bugs (see my article on XSS), SQL injection attacks are caused by placing too much trust in user input and not validating and parsing their input. This article will show you many examples of SQL Injection, including a one line command to shut down almost any MS SQL server that does not parse user input! |
|
| |
| |
|
| |
| | by: TroPe - 2004-11-04 23:42:29 |
|
| | XSS is something all of us developers really need to be aware of. This article will explain what XSS is, show you examples of the most commom exploits including Session HiJacking and stealing passwords, and then show you how to avoid this happening in your pages. |
|
| |
| |
|
| |
| |
| | A quick insight into Trojan Horse viruses. |
|
| |
| |
|
| |
| | by: nirus - 2004-07-04 14:33:29 |
|
| | Viruses have become an accepted part of computing in the modern world. A risk of doing business in a networked environment. It's never nice finding your computer infected with a virus or worm, and yet powering up the virus scanner usually takes care of the problem. That having been said, the virus problem is one that is increasing, and is not likely to go away in the near future. Understanding the common virus can help you combat and defeat even the nastiest of nasties. |
|
| |
| |
|
| |
| | by: nirus - 2004-07-04 13:06:44 |
|
| | This is the adaption/response that I made to an article I found floating around on the web somewhere, I'm not sure exactly where so I can't give credit where it is due, however it deals with the problem of user based insecurity. Is it an incurable disease? |
|
| |
| |
|
| |
| | by: nirus - 2004-06-26 04:01:19 |
|
| | Hackers have a lot to share with ordinary computer users, if you can get past the fear that most people have of hackers and focus on the skills that they possess and the measures that they take to protect themselves, then interesting knowledge can be gained. |
|
| |
| |
|
| |
| |
| | The MD5 algorithm is quite possibly the most widely used digest algorithm out there. So of course, being the geek you are, you want to know how it works. Read on. |
|
| |
| |
|
| |
| |
| | As technology advances, there is a constant need to improve the areas of security that are under direct control by the user by informing them on the correct procedure to be successful, as this article should do. This is a fairly brief introduction into the realm of password security, providing information that will hopefully make you understand the importance of passwords, how to make a secure one and how to ensure that the particlar password is indeed secure. |
|
| |
| |
|
| |
| |
| | John the Ripper may be simple for many geeks to use, but newbies and geeks in training may find it difficult to do exactly what they want. This tutorial is aimed at them. |
|
| |
| |
|
| |
| |
| Echelon is the world famous snooping system, which most people suggest doesn't really exist; however, we all know different!
If you want to set up your own echelon listening system, heres how... |
|
| |
| |
|
| |
| |
| Clarke: Security flaws found by users, not software makers
LAS VEGAS, Nevada (AP) -- An adviser to President Bush encouraged top computer security professionals and hackers Wednesday to try to break computer programs, offering to support and protect good-faith researchers from the legal wrath of software makers |
|
| |
| |
|
| |
| |
| | Phoning over Internet/Intranet seems perfect. You can increase costs and the administration of phonecalls within a IT-Structure becomes easier for SysAdmins. But there is at least one point, every admin should think about: security! |
|
| |
| |
|
| |
| |
| | Securing your system is easy!? Just use a firewall you can download somewhere,..maybe even only the binaries.., but this is no security! Security is a customized feature of a system, and you need to chance to customize a firewall for your needs. ipfw is a way to secure systems like FreeBSD in a way, that will nearly guarantee full security. |
|
| |
| |
|
| |
| |
| | Did you watch the Windows trial on TV??? Did you happen to hear the vital slip of information that Mr. VP of Microsoft Windows let out, and immediately regretted??? Well if you didn't, then read on. If you did.....then read on, maybe you'll learn somethin' new. |
|
| |
| |
|
| |
| |
| | In today's ubiquitous networking environment, threats come in all shapes and sizes. And security analysts would like to believe that with a firewall in place, you are safe from network and systems exploitation. This just isn't so. In this article, I will look at one particularly popular attack: war dialing. |
|
| |
| |
|
| |
| |
| Attacker could run malicious code or set off DoS attack
Microsoft has warned system administrators that a new flaw in its FrontPage extensions could allow an attacker to run malicious code or set off a denial-of-service attack.
|
|
| |
| |
|
| |
| |
| | A worldwide team of volunteers, using spare computing power, found the secret key for a message encrypted with the RC5-64 cipher, winning a $10,000 prize and, they say, casting some doubt on the security of messages protected by the cipher. |
|
| |
| |
|
| |
| |
| An Israeli Web-application company has warned users of Internet Explorer that nine related security flaws in the program could be used by malicious hackers to gain access to a victim's computer files.
|
|
| |
| |
|
| |
| |
| | Researchers have created a new way to encrypt information in a digital image and extract it later without any distortion or loss of information. |
|
| |
| |
|
| |
| |
| | Most programmers use the rand() function on an uncommon basis, but one field where this function is most important has to be cryptography. |
|
| |
| |
|
| |
| |
| I recently had to make an attendance system for my High School. My choices were to either make a C program that would connect to a central database or a web site.
Heres what I did, and what my design decisions were. |
|
| |
| |
|
| |
| |
| As the WLAN security is quite an everyday subject now.. Who wouldnt want to login from anywhere in the world and have a good connection? Security is the drawback currently.
There are a lot of solutions to secure WLAN, though non make it attackproof. Some solutions are stated within this article. |
|
| |
| |
|
| |
| |
| | This Tutorial is aimed at newusers to the site looking to secure there home computers i will be basing this on windows because most newbies will be using some sort of windows |
|
| |
| |
|
| |
| |
| | "Scanrand is a proof of concept, investigating stateless manipulation of the TCP Finite State Machine." |
|
| |
| |
|
| |
| |
| | PGP (Pretty Good Privacy) is used both for protecting e-mail and file storage. It presents a way to digitally sign and encrypt information "objects." As such, it is well suited for any store and forward applications. In this article, we will take a close look at a Java implementation and summarize its qualities. |
|
| |
| |
|
| |
| |
| | This article is an attempt to provide the casual to midlevel (cryptography experience wise, not general experience wise) programmer with some helpful information on using cryptography in his or her programs. |
|
| |
| |
|
| |
| |
| | People mean different things when they talk about cryptography. Children play with toy ciphers and secret languages. However, these have little to do with real security and strong encryption. Strong encryption is the kind of encryption that can be used to protect information of real value against organized criminals, multinational corporations, and major governments. |
|
| |
| |
|
| |
| |
| | Sloppy security practices and social engineering are still the root causes for most security breaches. The real problem is lack of education. |
|
| |
| |
|
| |
| |
| | Most programmers when they program forget one of the most importent step in big products, who would use your code if it's all buggy and insecure all the way around? Im here to help on a few, ofcourse this is a too big area to cover in one article but I will do my best. ;) |
|
| |
| |
|
| |
| |
| | Contrary to conventional wisdom, "volatile" semiconductor memory does not entirely lose its contents when power is removed. Both static (SRAM) and dynamic (DRAM) memory retains some information on the data stored in it while power was still applied. .. |
|
| |
| |
|
| |
| |
| | Continued from the previous tutorial. Stack overflows this time. It's much harder and you will have to be fairly proficient in ASM. |
|
| |
| |
|
| |
| |
| | Shab writes: Since this is neither a short nor an easy area to explore, I will not cover everything in this one article, I will do a series, you don't have to rip other's you can do your own! |
|
| |
| |
|
