Tutorials, training & CTF

Facebook Twitter
Dr. Fu's Security Blog: Malware Analysis Tutorials: a Reverse Engineering Approach Dr. Fu's Security Blog: Malware Analysis Tutorials: a Reverse Engineering Approach Pages This Blog Linked From Here The Web Malware Analysis Tutorials: a Reverse Engineering Approach
MysteryTwister C3 - The new Crypto Cipher Contest
A hack CTF, security contest, hack quest
Crackmes.de - Welcome to the longest running and most complete Crackmes web page on the internet. Crackmes.de - Welcome to the longest running and most complete Crackmes web page on the internet. The Crackmes.de team welcomes you to the world first and largest community website for crackmes and reversemes. We are proud to welcome you to the longest running and most complete Crackmes web page on the internet. Please take some time to browse around and find something to keep yourself busy and challenge your mind. So you think you're good enough to break the protection? You want to see how good you are in reversing applications? And you want to do it the legal way?
index of /
SQLol version 0.2
Wargames - Krypton
Wargames - Monxla (HES2012) Wargames - Monxla (HES2012) We're hackers, and we are good-looking. We are the 1%. This wargame was introduced at the Hackito Ergo Sum (HES) 2012 conference in Paris and is centered around the fictitious Russian crime family Nasenko. As of November 2012, the Monxla game has been released to the public and can be downloaded at http://images.overthewire.org/Monxla - OverTheWire Wargame.iso
Announcements You can use our web irc client to help get you started. If you are looking for help with the wargames, check out the wargames page. There is a link next to each game to direct you to the appropriate #channel for help. Also, don't forget to check out AMATERIA created by kaliman. SmashTheStack Wargaming Network SmashTheStack Wargaming Network
About Exploit Exercises exploit-exercises.com provides a variety of virtual machines, documentation and challenges that can be used to learn about a variety of computer security issues such as privilege escalation, vulnerability analysis, exploit development, debugging, reverse engineering, and general cyber security issues. Nebula Nebula covers a variety of simple and intermediate challenges that cover Linux privilege escalation, common scripting language issues, and file system race conditions. Nebula is an ideal place to get started for people new to Linux exploitation. Protostar

About Exploit Exercises

Fusion Fusion About Fusion is the next step from the protostar setup, and covers more advanced styles of exploitation, and covers a variety of anti-exploitation mechanisms such as: Address Space Layout RandomisationPosition Independent ExecutablesNon-executable MemorySource Code Fortification (_DFORTIFY_SOURCE=)Stack Smashing Protection (ProPolice / SSP) In addition to the above, there are a variety of other challenges and things to explore, such as: Cryptographic issuesTiming attacksVariety of network protocols (such as Protocol Buffers and Sun RPC)
The community has coughed up some classic distributions full of juicy targets and p0wnlabs is testing out a program to host them for your hacking pleasure. Simply configure your system to connect to p0wnlabs via openvpn and hack away! Here's the openvpn config package you will need to connect. It's a simple tar archive of the text file and the necessary keys suitable for starting openvpn on linux. You can translate it to windows if you insist. Once you're connected you'll get an extra ethernet interface on a network. p0wnlabs .:. Vulnerable Distros p0wnlabs .:. Vulnerable Distros
[Video] VulnImage - Automated Method [Video] VulnImage - Automated Method Links Watch video on-line: *Temporarily Disabled* Download video: http://download.g0tmi1k.com/videos_archive/VulnImage_-_Automated.mp4 Brief Overview VulnImage is an obscure (I can't even find a 'homepage' as such, for it!)
Using the information above, the attacker changes their IP address to match the one that was displayed on the page as well as continuously port scanning the target. After waiting a while and monitoring the port scan results, the attacker notices that a port opens up after a while (Editor's note: You'll never have to wait more than 10 minute)! The attacker then stops the looped port scanner and starts to continuously trying to connect to the new port, TCP: 10001, for when it is to open again. By using 'Netcat' the attacker is able to create a RAW socket, thus allowing them to interact to any service that is running. [Video] 21LTR - Scene 1 [Video] 21LTR - Scene 1
Hack a Server
Malware Analysis Tutorial 1 - VM Based Analysis Platform Malware Analysis Tutorial 1 - VM Based Analysis Platform Learning Goals:Configure a virtual machine based experimental platform for malware analysis.Master basic network sniffing/monitoring skillsThis Lesson Can be Used as a Lab Module in:Computer Networks and Communication ProtocolsOperating SystemsChallenge of the day: Run the Max++ malware, can you describe its network activities? For those of you who had trouble with downloading the sample from offensive computing, here is another link: http://contagiodump.blogspot.com/2010/11/zeroaccess-max-smiscer-crimeware.html Or follow Bonfa's tutoria [1] on the download instructions. Bonfa's tutorial is perfect a general introduction/analysis of Max++. 1.
Malware Analysis Tutorial 11: Starling Technique and Hijacking Kernel System Calls using Hardware Breakpoints Learning Goals:Understand hardware breakpointUnderstand vectored/structured exception handlingUnderstand the tricks that interrupt module loadingApplicable to:Operating Systems.Computer Security.Programming Language Principles.Assembly Language.1. Introduction Starling is a bird that steals nests of other birds. In this tutorial, you will look at a "starling" technique used by Max++ to run its own malicious code using the "body" of another benign module named "lz32.dll". 2. Lab Configuration You can either continue from Tutorial 10, or follow the instructions below to set up the lab. Refer to Tutorial 1 and Tutorial 4 for setting up VBOX instances and WinDbg.