Signs that you're a bad programmer - Software Engineering Tips

Why was this written? Most of these faults were discovered the hard way by the author himself, either because he committed them himself or saw them in the work of others. This paper is not meant for grading programmers, it was intended to be read by programmers who trust their ability to judge when something is a sign of bad practice, and when it's a consequence of special circumstances. This paper was written to force its author to think, and published because he thinks you lot would probably get a kick out of it, too.

1. Inability to reason about code

How to hide files in JPEG pictures

If you’re looking to hide files on your PC hard drive, you may have read about ways to encrypt folders or change the attributes on a file so that they cannot be accessed by prying eyes. However, a lot of times hiding files or folders in that way requires that you install some sort of software on your computer, which could then be spotted by someone else. I’ve actually written quite a few articles on how you can hide files and folders in Windows XP and Vista before, but here I’m going to show you a new way to hide files that is very counter-intuitive and therefore pretty safe! Using a simple trick in Windows, you can actually hide a file inside of the JPG picture file! You can actually hide any type of file inside of an image file, including txt, exe, mp3, avi, or whatever else.
Password crackers

SecTools.Org: Top 125 Network Security Tools

For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form. This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner, Ncat network connector, and Nping packet manipulator). We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews.
How To Become A Hacker

Copyright © 2001 Eric S. Raymond

As editor of the Jargon File and author of a few other well-known documents of similar nature, I often get email requests from enthusiastic network newbies asking (in effect) "how can I learn to be a wizardly hacker?".

The Hacker Manifesto

by +++The Mentor+++
Written January 8, 1986

Another one got caught today, it's all over the papers. "Teenager Arrested in Computer Crime Scandal", "Hacker Arrested after Bank Tampering"...

What every computer science major should know

Portfolio versus resume

Having emerged from engineering and mathematics, computer science programs take a resume-based approach to hiring off their graduates. A resume says nothing of a programmer's ability.
Cain & Abel

Cain & Abel is a password recovery tool for Microsoft Operating Systems. It allows easy recovery of various kinds of passwords by sniffing the network, cracking encrypted passwords using Dictionary, Brute-Force and Cryptanalysis attacks, recording VoIP conversations, decoding scrambled passwords, recovering wireless network keys, revealing password boxes, uncovering cached passwords and analyzing routing protocols. The program does not exploit any software vulnerabilities or bugs that could not be fixed with little effort. It covers some security aspects/weaknesses present in protocol standards, authentication methods and caching mechanisms; its main purpose is the simplified recovery of passwords and credentials from various sources, however it also ships some "non standard" utilities for Microsoft Windows users. The latest version is faster and contains a lot of new features like APR (Arp Poison Routing) which enables sniffing on switched LANs and Man-in-the-Middle attacks.
Short Film of the Day: Stuxnet: Anatomy of a Computer Virus

Why Watch? Because we should challenge how we define a film. Most of the shorts featured in this column are either easy to spot as stories or completely experimental.

Top Ten Web Hacking Techniques of 2011

Every year the Web security community produces a stunning amount of new hacking techniques published in various white papers, blog posts, magazine articles, mailing list emails, etc. Within the thousands of pages are the latest ways to attack websites, Web browsers, Web proxies, and so on. Beyond individual vulnerability instances with CVE numbers or system compromises, we’re talking about actual new and creative methods of Web-based attack.
Chaos Communication Congress

30C3 in Hamburg
The 22C3 in December 2005

The congress started out in 1984 in Hamburg, moved to Berlin in 1998, and back to Hamburg in 2012, having exceeded the capacity of the Berlin venue with more than 4500 attendees. Since then, the meetings in the considerably larger venue in Hamburg continue to attract an increasing number of people, around 6,600 attendees in 2012 and most recently more than 9,000 in 2013. A large range of speakers are part of the scene.

Humor - How to Shoot Yourself In the Foot Using Any Programming Language

The proliferation of modern programming languages (all of which seem to have stolen countless features from one another) sometimes makes it difficult to remember what language you're currently using. This guide is offered as a public service to help programmers who find themselves in such dilemmas.

370 JCL
You send your foot down to MIS with a 4000-page document explaining how you want it to be shot.
Black Hat® Technical Security Conference: USA 2010 // Archives

Caesars Palace Las Vegas, NV • July 28-29

Event AUDIO & VIDEO: The Source of Knowledge will be onsite to sell audio and video recordings of the Briefings sessions. Their booth will be located outside of the Fourth Floor (Promenade Level), Emperor's Ballroom.

Quynh Nguyen Anh, Kuniyasu Suzaki

Firesheep - Wikipedia, the free encyclopedia

The extension was created as a demonstration of the security risk of session hijacking vulnerabilities to users of web sites that only encrypt the login process and not the cookie(s) created during the login process. It has been warned that the use of the extension to capture login details without permission would violate wiretapping laws and/or computer security laws in some countries. Despite the security threat surrounding Firesheep, representatives for Mozilla Add-ons have stated that it would not use the browser's internal add-on blacklist to disable use of Firesheep, as the blacklist has only been used to disable spyware or add-ons which inadvertently create security vulnerabilities, as opposed to attack tools (which may legitimately be used to test the security of one's own systems). Note that even if they did, it wouldn't actually prevent anyone from using Firesheep, as Firefox contains a hidden setting to disable this blacklist.

Countermeasures

HTTPS
The Open Organisation Of Lockpickers

This is a repository of the most up-to-date versions of Deviant's lock diagrams and animations. Seen in all of the TOOOL educational materials and slide decks, these files are all released under the Creative Commons license. You are free to use any of them for non-commercial purposes, as long as they are properly attributed and the same freedom for others is maintained in all derivative works. Please note that these diagrams have evolved and developed over time. While Deviant is still proud of the older versions of his images, if you still have copies of legacy material they should all be replaced with the latest versions available here.