This paper demonstrates how to ARP poison a connection between Windows 7 and Windows 2008 R2 Server using Cain.
ef9266998c0a638d9a127633eb6b3263This whitepaper touches on various scanning tools and how to use them. It gives an overview of hping, scapy, unicornscan, nmap, and nessus.
8128327a88a5c5ef7592058f15992966ClubHACK Magazine Issue 28 - Topics covered include Steganography over covert channels, Kautilya, HTTPS, and more.
09f4f521af37e0978a796f2c1b6dc791The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) Call For Papers has been announced. It will be held December 10th through the 12th, 2012, in London, United Kingdom.
eeeda448683bda516a3f7881352dc07fThe Hackers 2 Hackers Conference (H2HC) 9th edition call for papers has been announced. It is being held in Sao Paulo, Brazil from October 18th through the 23rd, 2012.
ddc59b2f9e07687ebba9f5f9c13556d7This is a whitepaper that gives a complete cross site scripting walkthrough.
048df1139c315869c0a90ee93b3e41e7The SEC-T 2012 Call For Papers has been announced. It will be held from September 13th through the 14th in Stockholm, Sweden.
2a2fd25a2a332d4a4c1ba4fa44931fddThe Hackers Conference 2012 Call For Papers has been announced. It will take place in New Delhi, India on July 29th, 2012.
15633bacbd7c645a614a768af85b28d4The t2'12 Call For Papers has been announced. It will take place October 25th through the 26th, 2012 in Helsinki, Finland.
8c18caec5ffc1267923951d66f51ff80The Breakpoint 2012 Call For Papers has been announced. It will take place at the Intercontinental Rialto in Melbourne, Australia on October 17th through the 18th, 2012. Breakpoint is organized by the Ruxcon conference team and will offer a specialized and more professional security conference to complement and lead into the larger and more casual Ruxcon weekend conference. Breakpoint will cater towards security researchers and industry professionals alike, with a focus on cutting edge security research.
f4310b90befaea776fd4a2cc13680591This is a brief whitepaper that discusses finding remote and local file inclusion vulnerabilities and how to exploit and patch them.
6052e626e53f1812604f5f5ae8b4ce79This paper reveals the theoretical aspects behind run-time crypters and describes a reference implementation for Portable Executables.
94a494d729dcbfcdadd3afaa08927569This whitepaper details some of the vulnerabilities observed over the past year while performing regular security assessments of iPhone and iPad applications. MDSec documents some of the vulnerabilities identified as well as the methods to exploit them, and recommendations that developers can adopt to protect their iOS applications. It covers not only the security features of the platform, but provides in depth information on how to perform both black box and white box iOS penetration tests, along with suggested methodologies and compliance.
8527c3e88bfed9bdffcf0bcf1dbd7036Whitepaper called Reverse Engineering Malware Part 1.
5a024a46d9813b832462a13a9362ba84The Call For Papers for the Third International Workshop on Security and Privacy in Social Networks 2012 (SPSN-2012) in conjunction with IEEE SocialCom has been announced. It will take place in Amsterdam, The Netherlands, September 3rd through the 6th, 2012.
4a0124945320fae697692f6f034437dcPas A Pass Vers L'Assembleur is a whitepaper that discusses the basics of writing and working with assembler. Written in French.
765d78d1ae235ee0f37724f30c058a00Whitepaper called Actuality of SMBRelay in Modern Windows Networks.
81653f8d5eb1f2a90fee0f43369d9388ToorCamp is a five-day open-air event for hackers, makers, breakers, and shakers. ToorCamp is where you get together with the rest of the best in a relaxing, beautiful atmosphere, and exchange ideas with the brightest technology experts from around the world. The camp has everything you need: power, internet, food and fun. Bring your tent, bring a friend ? and get ready to reunite and reignite with really smart people, just like you. It will take place at the Hobuck Beach Resort in Neah Bay, Washington August 8th through the 12th, 2012.
a5151583c0bdbaaf40cc114ed78f4c9bThis document discusses the security implications of native IPv6 support and IPv6 transition/co-existence technologies on "IPv4-only" networks, and describes possible mitigations for the aforementioned issues.
4c30e6e9159627379ef776d8274b192dWhitepaper called Intro to SQL Injection and Countermeasures.
68db188cf8aab372f9306915334ea57dVulnerability Lab has produced a large amount of cross site scripting payloads that can be used with fuzzers for automated scanning, etc.
a1bef07ff4bd5d4358baf87d3e3c349fIPv6 offers a much larger address space than that of its IPv4 counterpart. The standard /64 IPv6 subnets can (in theory) accommodate approximately 1.844 * 10^19 hosts, thus resulting in a much lower host density (#hosts/#addresses) than their IPv4 counterparts. As a result, it is widely assumed that it would take a tremendous effort to perform host scanning attacks against IPv6 networks, and therefore IPv6 host scanning attacks have long been considered unfeasible. This document analyzes the IPv6 address configuration policies implemented in most popular IPv6 stacks, and identifies a number of patterns in the resulting addresses lead to a tremendous reduction in the host address search space, thus dismantling the myth that IPv6 host scanning attacks are unfeasible.
7647136296cf7d7fcc2c61206d14cbd6This is a whitepaper called Exploring Windows Backdoors - Bypassing Firewalls on Webhosting Providers.
dc6f6cef040a7a562bff70b2ea29f9e8Ruxcon 2012 Call For Papers - Ruxcon is the premier technical computer security conference in the Australia. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations. This year the conference will take place over the weekend of 20th and 21st of October at the CQ Function Centre, Melbourne, Australia.
b80710263313a4cf99938ecf24e17bbcWhitepaper called The Source Is A Lie. Backdoors have always been a concern of the security community. In recent years the idea of not trusting the developer has gained momentum and manifested itself in various forms of source code review. For Java, being one of the most popular programming languages, numerous tools and papers have been written to help during reviews. While these tools and techniques are getting developed further, they usually focus on traditional programming paradigms. Modern concepts like Aspect Oriented Programming or the Java Reflection API are left out. Especially the use of Java’s Reflection API in conjunction with the lesser known “string pool” can lead to a new kind of backdoor. This backdoor hides itself from unwary reviewer by disguising its access to critical resources like credential through indirection. To raise the awareness about this particular kind of backdoor, this paper will provide a short introduction to the string pool, show how reflection can be used to manipulate it, demonstrate how a backdoor can abuse this, and discuss how it can be uncovered.
95c7b6fb02b2acae134655f38d6826c1
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed