Hash Database


Welcome to the EUREKA Malware Analysis Internet Service: Eureka is a binary static analysis preparation framework. It implements a novel binary unpacking strategy based on statistical bigram analysis and coarse-grained execution tracing. http://eureka.cyber-ta.org/
http://resources.infosecinstitute.com/step-by-step-tutorial-on-reverse-engineering-malware-the-zeroaccessmaxsmiscer-crimeware-rootkit/

Step-by-Step Reverse Engineering Malware: ZeroAccess / Max++ / Smiscer Crimeware Rootkit |  InfoSec Resources

(quick plug – to all current & future reverse engineers – check out our Reverse Engineering Training Course. We’d love to publish your work next!) This four-part article series is a complete step-by-step tutorial on how to reverse engineer the ZeroAccess Rootkit.

I meant to blog about this a while ago, but never got round to it. Here’s a brief post about a very cool feature of a tool called mimikatz. I’m very grateful to the tool’s author for bringing it to my attention. http://pentestmonkey.net/blog?x=y&option=com_content&task=blogcategory&id=21&Itemid=10

Blog - pentestmonkey.net

http://pentest.cryptocity.net/

Penetration Testing and Vulnerability Analysis - Home

Course Overview This is the course website for Penetration Testing and Vulnerability Analysis currently taught at the Polytechnic Institute of New York University. This course introduces the fundamental technical skills required to identify, analyze, and exploit software vulnerabilities. Taught by a team of security industry experts, we cover the following topics: The course and this website have been organized and maintained for the past four years by Dan Guido.

..:: Corelan Team | Peter Van Eeckhoutte (corelanc0d3r) ::..

A lot has been said and written already about heap spraying, but most of the existing documentation and whitepapers focus on IE7 or older versions. Although there are a number of public exploits available that target IE8, the exact technique to do so has not been really documented in detail. Of course, you can probably derive how it works by looking at those public exploits. With this tutorial, I’m going to provide you with a full and detailed overview on what heap spraying is, and how to use it on old and newer platforms. Copyright secured by Digiprove © 2012 Peter Van Eeckhoutte | Corelan GCV https://www.corelan.be/

Sniffers: Basics and Detection

http://cns.tstc.edu/cpate/LINUX/Linux_How2/Sniffers.htm A Sniffer is a program or a device that eavesdrops on the network traffic by grabbing information travelling over a network. Sniffers basically are "Data Interception" technology. They work because the Ethernet was built around a principle of sharing. Most networks use broadcast technology wherein messages for one computer can be read by another computer on that network. In practice, all the other computers except the one for which the message is meant, will ignore that message. However, computers can be made to accept messages even if they are not meant for them.

In my most recent post, I identified the direction and state-of-the-art in application security. We all know of the importance of application security in today’s environments. However, finding out where to fit application security policies and programs into an overall security program (or organizational security plan) is as difficult as (or more difficult than) integrating mandatory regulations, compliance standards, secure enterprise architectures, and many other risk management activities. Building a continually improving security program is an important and common topic. http://www.tssci-security.com/

tssci security

Training | NovaInfosecPortal.com

This section of the web site provides security training resources for infosec professionals based in or around the Northern Virginia (NoVA), DC, and MD areas. If there are any mistakes or information we should add, please let us know through our Contact Us form. For recent posts regarding this information, see the Recent Posts area below. Look for a complete list of all related posts on the Training category page. A key part of being a good infosec professional is understanding what attackers are currently doing. Therefore, we have created this hacking challenges/practice section to collect some of the local reputable offerings. http://www.novainfosecportal.com/resources/training/

Partner Colleges for Online College Credit - StraighterLine

Enjoy a hassle-free application process and save money when you enroll at one of StraighterLine's accredited Partner Online Colleges and Universities. Most online colleges and universities have agreed to accept StraighterLine college credits directly. StraighterLine selects Partner Colleges for their rigorous and high quality degree programs as well as for their commitment to individual learners and their needs. All of our Partner Colleges have distance learning options available. With StraighterLine, you can enroll at one of our Partner Colleges or enroll at any college that awards credit for ACE recommended courses. http://www.straighterline.com/partner-colleges.cfm

ECA Program

http://iase.disa.mil/pki/eca/ The DoD has established the External Certification Authority (ECA) program to support the issuance of DoD-approved certificates to industry partners and other external entities and organizations. The ECA program is designed to provide the mechanism for these entities to securely communicate with the DoD and authenticate to DoD Information Systems. The DoD PKI Program Management Office (PMO) has designated the ECA External Liaison Officer (ELO) as the single point of contact to receive and coordinate all communications between the ECA community, DoD programs, and the DoD PKI PMO.

BugiX - Security Research

Update: March 17, 2010 Chris Hadnagy aka loganWHD from http://www.social-engineer.org/ created a nice video about active exploitation of this POC. >/TP 1>>/P 5 0 R/FT /Btn/TU (ImageField1)/Ff 65536/Parent 3 0 R/F 4/DA (/CourierStd 10 Tf 0 g)/Subtype /Widget/Type /Annot/T (ImageField1[0])/Rect [107.385 705.147 188.385 709.087]>>

Blind SQL Injection to throw an error to validate that encapsulation isn't working. The goal here is to throw an error to cause the application to show us that it is not encapsulating quotes correctly: Blind SQL Injection detection (this shouldn't give us the same result if filtering is in place as we would get if we excluded the AND 1 = 1 part).

SQL Injection Cheat sheet: Esp: for filter evasion - by RSnake

This page contains a full TOR nodelist (no more than 30 minutes old) in the format below. There are tags of __BEGIN_TOR_NODE_LIST__ and __END_TOR_NODE_LIST__ for easy scripting use of this page. You can also fetch https://www.dan.me.uk/torlist/ for a list of ips only, one per line - updated every 30 minutes. Ideal for constructing your own tor banlists.

TOR Node List

The Cover of Night

DailyDave Mailing List — Dave Aitel’s Daily Dave (Sometimes interesting things get debated here, sometimes interesting ppl get insulted…fun to watch.)