Whitepaper called SafeSEH+SEHOP all-at-once bypass exploitation method principles.
Whitepaper called Buffer Overflows: Anatomy of an Exploit. A look at how systems are exploited and why these exploits exist.
This Internet Draft focuses on providing advice to RA-Guard implementations, rather than on the evasion techniques that have been found effective against most popular implementations of RA-Guard.
Whitepaper called Linux Kernel Hooking, Data Manipulations and Making Root Exploits. Written in Turkish.
This paper discusses a vulnerability in WPS that allows attackers to recover WPA/WPA2 keys in a matter of hours.
Whitepaper called Denial of Service attacks and mitigation techniques: Real time implementation with detailed analysis. Unlike other theoretical studies, this paper lays down the steps involved in implementing these attacks in real time networks. These real time attacks are measured and analyzed using network traffic monitors. In addition to that, this project also details various defense strategies that could be enabled on Cisco routers in order to mitigate these attacks. The detection and mitigation mechanisms designed here are effective for small network topologies and can also be extended to analogous large domains.
This is a detailed paper on how to install I2P on BT5 and configure it with some of the features.
This is a brief whitepaper discussing how to exploit a WebDAV-enabled server.
Whitepaper called Hardware Involved Software Attacks. Computer security vulnerabilities involving hardware are under-represented within the security industry. With a growing number of attackers, malware, and researchers moving beyond pure software attack scenarios and into scenarios incorporating a hardware element, it is important to start laying a foundation on how to understand, characterize, and defend against these types of hybrid attacks. This paper introduces and details a starting taxonomy of security attacks called hardware involved software attacks, in an effort to further security community awareness of hardware security and its role in upholding the security of the PC platform.
Whitepaper called Construindo Shellcodes. It discusses how to build shellcodes and use them. Written in Portuguese.
This is a brief whitepaper called False SQL Injection and Advanced Blind SQL Injection.
This is a whitepaper called Armitage - Hacking Made Easy Part 1. It covers using the Armitage GUI for Metasploit when performing pentesting.
This is a brief write-up discussing time-based NoSQL injection attacks using JavaScript.
The fifth IFIP International Conference on New Technologies, Mobility and Security Call For Papers has been announced. It will take place from May 7th through the 10th, 2012 in Istanbul, Turkey.
This document is version 1.0, as adopted by the CA/Browser Forum on 22 Nov. 2011 with an Effective Date of 1 July 2012. These Baseline Requirements describe an integrated set of technologies, protocols, identity-proofing, lifecycle management, and auditing requirements that are necessary (but not sufficient) for the issuance and management of Publicly-Trusted Certificates; Certificates that are trusted by virtue of the fact that their corresponding Root Certificate is distributed in widely-available application software. The Requirements are not mandatory for Certification Authorities unless and until they become adopted and enforced by relying-party Application Software Suppliers.
This Internet Draft specifies the security implications of predictable fragment identification values in IPv6. It primarily focuses on countermeasures and mitigations.
This document specifies a method for generating IPv6 Interface Identifiers to be used with IPv6 Stateless Address Autoconfiguration (SLAAC), such that addresses configured using this method are stable within each subnet, but the Interface Identifier changes when hosts move from one network to another. The aforementioned method is meant to be an alternative to generating Interface Identifiers based on IEEE identifiers, such that the same manageability benefits can be achieved without sacrificing the privacy of users.
Whitepaper called Active Directory Offline Hash Dump and Forensic Analysis. The author participated in a project where it was required to extract the password hashes from an offline NTDS.DIT file. After searching the Internet for an available tool, the author found that there was no open source tool. Because of that the author decided to research the internals of password encryption and storage of Active Directory and create a tool for the forensic community.
Whitepaper called Overview to HTML5 web security. This article is an extract of the master's thesis written by Michael Schmidt. Note that the content of this document was released in May 2011.
This is a write-up that discusses exploiting the glibc __tzfile_read integer overflow to buffer overflow and leveraging Vsftpd.
This whitepaper is an analysis of Facebook spam exploited through browser add-ons and extensions.
Whitepaper called Unprotecting the Crypter, a Generic Approach. It discusses how crypters work and unpacking malware.
Whitepaper called The Tor Project: Authority "No Check" Weakness. It discusses the fact that exit nodes can be leveraged easily to commit man-in-the-middle attacks.
This paper covers a conjecture of equivalence between a statement regarding the Ξ matrix and Zeta.
This document covers the introduction of the R-sequence, i.e. the sequence of numbers closely related to the distribution of the prime numbers. The paper contains its connection to ζ and the Möbius function.