This whitepaper goes into detail and multiple different ways you can using blacklisting with mod_rewrite.
445a092f63671e00d8cffe2e287b941a30901deeac5d0dc5b36b340fe8ad032a
This whitepaper contains research details an attack timeline, documents what vulnerability was exploited, and provide recommendations on how to avoid data breaches in SAP systems.
dcff6a0ea2091f5fe7bffdc14f8099eaff07f1cd9faee672d80b8d8bfb1b39fb
This whitepaper deals with local privilege escalation attacks via exploiting vulnerabilities in the client management software Empirum.
976d9cf9503cd3beaddb146f9507ee3529d1b82a6712b2cdc7b7ce1b67ac583a
This whitepaper deals with local privilege escalation attacks via exploiting vulnerabilities in the client management software FrontRange DSM.
08ece3edf3aa93e1fde88c8522d035bcfa58b66f09c695d34999e853118ef852
This whitepaper focuses on a method of stealing data as a client side script's identifier (variable or function name). The author describes these attack techniques / browser vulnerabilities and then discuss countermeasures for these issues.
8bfa6b14e13a3f906c5514c4e8df9d61d08c0fdbec7c3caccf3b7b25358569b0
This whitepaper discusses denial of service attacks carried out in WLANs at the physical and MAC layers. It touches on IEEE 802.11 protocol flaws for handling frames at the MAC layer, preventive measures for DoS attacks, and protocol design suggestions.
6d910f077be7eb4de49610dc219dbaa4e68eb656e789d18d33b3965e8a9769f4
This Whitepaper discusses various incident response methodologies in the context of Advance Persistent Threats.
6d63e768574dbbaffa0f9ac592edcdf824a46f9435bf8c3749fbb80f7a15b666
This whitepaper discusses exploitation of CVE-2014-4113 on Windows 8.1.
347b65c62cf9b21ce7a51217f70945df6a72439a4ef09808f6143d9103ce6fc4
This whitepaper goes into detail on design and implementation details for performing voice encryption on telephone networks. Written in Spanish.
96654408957024ded313fec057b5f79be73443423be062807bec0d5dffc0bf05
This whitepaper provides an analysis of why malware is so successful. For many years, different types of malware rank among the biggest IT security threats both in the business and the private domain. In order to protect one self from the dangers of malware, numerous software manufacturers offer IT security products like antivirus and endpoint protection software. But these products alone offer no sufficient protection from malware that knows some tricks, as the results of the author's recent research with the topic antivirus evasion show.
dec9eff1124fd9cbaf98f478be5bc00a12adec280ae5425357c695fc475ac738
This whitepaper discusses hacking with sqlmap and leveraging cross site request forgery vulnerabilities. Written in Turkish.
7130a96bfe8e601c63c6db831c76a47578959bc3aa160183ca7c39ba4c380efd
This whitepaper is an introduction to security in high performance computer architecture.
4337cb70d614e077a9820aee114c0aa3a101b1836901fcfc7b8811d90e34b6df
This whitepaper discusses a stack-based buffer overflow vulnerability in the Android KeyStore service which affects Android 4.3 and below.
f7115facb01ba5509340d2f23ccfd38240c5a8ae2b85f19bd810f467d71ca0f8
This whitepaper details the steps taken to unpack an application, locate the pinning handler, patch and repack. The techniques detailed in this whitepaper may also be used to achieve other goals when hacking Android applications.
b380448797b174e0ef5426b8ceaf08d03d726e7add0c4fa1576aecd5d4c6dc55
This whitepaper discusses various web application firewall bypass methodologies. Written in Turkish.
d04d9dc9ed267c9142d78a1a35f38d8397df4345faa4d26a2221dd442c5ad695
This whitepaper provides an overview of the tools used in order to analyze malware on Android.
768a61b28e90178964b682b152e60eca11af1e5d5bb90aff633a7c86d60fa152
This whitepaper details how to perform wifi man in the middle attacks and then sniff the traffic for analysis afterwards using Wireshark.
ba682f01ac66297c006d03d6d6a391811b8546679c41f35d715ecb25f387a262
This whitepaper is a walk through on how to extract msgstore.db.crypt5 from WhatsApp on Android and using tools to break crypt5.
68ad521e10670bbb65c0d7b97ed8b497b83fd054c87bf2fe62d0596ebb035636
This whitepaper discusses heap spraying. Written in Portuguese.
4d45d4dd1363f5031cde304561cd53549c288ebffe7ac68449637f119a2fbfcc
This whitepaper documents how to compromise CA ControlMinder versions 12.5, 12.6, and 12.6 SP1 running JBoss version 4.2.2.GA.
d79c4e8b7e01e49acdda05ad5eceda4f0bf7d0d76f4b960c5d9135475bebc7d6
This whitepaper discusses rooting windows server using the PHP Meterpreter Webshell in Metasploit.
969178f6ff5208ad667a07134dd268f1f3afb8fbcc598cfc6a4095ef57d2b50b
This whitepaper discusses the various type of cross site scripting attacks (reflected, stored, DOM, and mutated). It also encompasses 16 solved challenges. Written in Spanish.
bc543a96e318a73cdeefad02ee4de9c48c143df8ed4dc2608e4017ade8a45e8a
This whitepaper discusses how to perform a take over of the Ektron CMS. It demonstrates how to hijack the builtin and admin accounts.
4051126d4a1554f5aa1a371e3823fe1746489da90272c4a0bd3f21fffb9a0ce0
This whitepaper discusses how attackers use dictionary-based brute-force attacks to steal other people's bitcoins. Proof of concept tools are included.
d3b473fd72aba55764c5b793c9300a33b4bc94411e4282b14f400213f149aa0d
This whitepaper details some novel methods of exploiting blind XPath 2.0 injection flaws that can be used to retrieve the whole document being queried (and others on the filesystem) without needing a large number of requests. It also covers exploiting some common XML databases.
bb958f4f5dc663b2b29dda1a486d1e5c6aaa2c1a738838917678623686d2a543
This whitepaper is called Modern Web Application Firewalls Fingerprinting and Bypassing XSS Filters.
65acaee3edb30787203ec67ebd4b8e85f2ced5170a1f786efb797a9df09856b3