This is a brief whitepaper that covers XPATH injection attacks and use cases.
72d2972397b3492bd0d1d375cb0e92be5b5ce54c9372c0809f8b6dc6a39cc58d
This Metasploit module exploits blind XPATH 1.0 injections over HTTP GET requests.
651687bcd595b9f22e68c3c981e70f5fc4f0a88508ab6655dda370543c5b0161
This is a brief whitepaper that discusses some basic fundamentals for approaching secure design of an application.
c962e90a506a04f9658f44421b9bf8e4b0339a1755b66c5c193c109f722ea574
This is a brief write up discussing insecure functions susceptible to classic buffer overflows.
6c56ef6f21fb5c517c4f05fbff6461b2f130d800355ad39593d8b2f06bee3943
This is a brief whitepaper discussing the securing of authentication and authorization.
ec474e596a9d9ba2ab9781f4af02b1dee9f12e35a15b86af9d6a4566b3045d04
This is a brief whitepaper that discusses wordlists, where to get them, and when to use them.
89e78120ceaeb9a64b5808490e77eb00fad19d19fe3106904104df63dfb37a31
This is a brief whitepaper that discuss HTTP Host header attacks.
a6fa96ce1a609cfb613a8375b0180918f63f56cc17ee3a3c76e0de0ea38c3e92
This is a brief whitepaper that goes over file transfer mechanisms that can be used on Windows and Linux.
bb53fbaa2dc352533456cf7d06a33392552c749b608b8e33b3b03227d97e1520
This is a brief whitepaper that goes over some tooling that can be of assistance while performing reconnaissance against a web application prior to attack.
efa89877156455ecbe4998579276a2b7f88564aac2a446ce3a8fdb5d7a98c52c
This is a brief whitepaper discussing best practices in mobile application security.
b1918abbd608009a0920e4a9bc031809a5b57b44c3c36e87343ee875c3173748
This is a brief whitepaper that discusses buffer overflows and analysis with the Immunity Debugger.
73127a9cc87fc8a939672df63d83e98a8b71f9eac62cd948cf7afa9a24f08ecb
This is a brief whitepaper that discusses fuzzing the VIM editor.
b961ee5f08adf14aeb3683b15f97a4a747d4d428142b2f7ac487d4c97fc8d786
This is a brief whitepaper on how to find savedata exploits on Sony PlayStation Vita (PS Vita).
188612d0c7a2539a8f339aa1aea144f2e79cae8e31e8f935cf054251a5ed4586
This is a brief whitepaper discussing the use of analytics when hunting for threats and notes some open source tools that can provide help.
18525786505ac237f2a1eb0774841f333bda5911afa3229941ffeb938eea4c77
This is a brief whitepaper discussing how to perform man-in-the-middle attacks as an exit node on TOR.
0f52accc93bc9d4f2ed2e7393a4bc7289bcd92489c25dd669cea0e8b074a2063
This is a brief whitepaper written in Arabic that gives some examples of tools that can be used to hack systems.
2ae93e8c7e8325d75e32afcbb5a09b54616818e152807f8540adb0a73c0988b2
This is a brief write-up on how magic values in 32-bit processes on 64-bit OSes work and how to exploit them.
0e22f4f695fe5a82d5a78008e35426ae71abb83926c813e23d3e43569e903c82
This is a brief whitepaper that documents how the author analyzed malicious javascript and a host used for slinging fake antivirus software.
e26853153c11af3c368c496b92cb79cc809c59f6efe56f5c321aefba8a22855c
This is a brief whitepaper that discusses threats and mitigations against those threats when using open wireless access points.
0574734d9f9275ddb9dc943efd9df28254d8bcf312ed3e6a17473350b8d1d633
This is a brief whitepaper that discusses SQL injection, cross site scripting, and remote shell upload vulnerabilities in various Joomla! plugins.
794cddcc554bcd6bb919eccba86c9c7f16316a4cf209458c0e5739cc35e04ba5
This is a brief write up noting javascript backdoors left in common PHP shells.
5cfb1217e9087a15de79d56e9f05827f2a275f0a080cf8427518a3cba732ef2f
This is a brief whitepaper that provides an analysis of account lockout schemes used to prevent bruteforce attacks.
8e18db6be674d94c9a87db4b797085812ec8e170e75ee52055331ec7fa17383e
This is a brief write up that discusses NULL page mitigations on Windows 8 and includes a piece of proof of concept code.
a7d45dd13990e785f7ee6bbec647ae6693fc0348799ef70a34911098b0fb2da6
This is a brief whitepaper that goes over different payloads that can be leveraged in SQL injection attacks.
9499be52d5cfed9d72ecaf10bc20f2276bb6bc14fd6d1eb70d8afca6916fdf70
This is a brief write up discussing exploitation of the cross site request forgery vulnerability discovered in the Cisco EPC3925 router.
e0e9eb1360b28fa8b096368773821f3b01656d4faedb41fc2062ac1a7094eaff
This is a brief whitepaper that discusses shell access on both Windows and Unix systems and how to obtain better control versus arbitrary command execution.
cb59a18f0938580f2565d5dbb95ef2e78886586329dfef334a80e2e3a2b58d8e