exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 100 RSS Feed

Files

To Kill A Centrifuge
Posted Nov 21, 2013
Authored by Ralph Langner | Site langner.com

Whitepaper called To Kill a Centrifuge - A Technical Analysis of What Stuxnet's Creators Tried to Achieve.

tags | paper, worm
SHA-256 | 75e6d217f9ac0859aa9d4ad1ececb2d395e122d6a0d1fa7cb30fc9e81bc01da9

Related Files

Hardware Involved Software Attacks
Posted Dec 25, 2011
Authored by Jeff Forristal

Whitepaper called Hardware Involved Software Attacks. Computer security vulnerabilities involving hardware are under-represented within the security industry. With a growing number of attackers, malware, and researchers moving beyond pure software attack scenarios and into scenarios incorporating a hardware element, it is important to start laying a foundation on how to understand, characterize, and defend against these types of hybrid attacks. This paper introduces and details a starting taxonomy of security attacks called hardware involved software attacks, in an effort to further security community awareness of hardware security and its role in upholding the security of the PC platform.

tags | paper, vulnerability
SHA-256 | c7725f5f5155ccae730b5464c6855db0d3283f354981f52fcebb60c92127731a
Construindo Shellcodes
Posted Dec 25, 2011
Authored by m0nad

Whitepaper called Construindo Shellcodes. It discusses how to build shellcodes and use them. Written in Portuguese.

tags | paper, shellcode
SHA-256 | 8a69b4c29cd9e658b54a12c337266f622bc5a9644d51ae9a62cf454b59fa26b1
False SQL Injection / Advanced Blind SQL Injection
Posted Dec 22, 2011
Authored by wh1ant

This is a brief whitepaper called False SQL Injection and Advanced Blind SQL Injection.

tags | paper, sql injection
SHA-256 | c69a3b2da9530405c3ed93af845dd91cd134b73575ef841656393f8c04acc185
Armitage - Hacking Made Easy Part 1
Posted Dec 20, 2011
Authored by r45c4l

This is a whitepaper called Armitage - Hacking Made Easy Part 1. It covers using the Armitage GUI for Metasploit when performing pentesting.

tags | paper
SHA-256 | 5777c81d10c96a98fcf57d7f4affd16f8b29fa2e3121f0c628c6d44d023e0faf
Active Directory Offline Hash Dump And Forensic Analysis
Posted Dec 15, 2011
Authored by Csaba Barta

Whitepaper called Active Directory Offline Hash Dump and Forensic Analysis. The author participated in a project where it was required to extract the password hashes from an offline NTDS.DIT file. After searching the Internet for an available tool, the author found that there was no open source tool. Because of that the author decided to research the internals of password encryption and storage of Active Directory and create a tool for the forensic community.

tags | paper
SHA-256 | 7c27ab31e6a03839ed661d3fb678d3b2d06e9a0aa037df4e3967246d0c184a28
Overview To HTML5 Web Security
Posted Dec 15, 2011
Authored by Michael Schmidt | Site csnc.ch

Whitepaper called Overview to HTML5 web security. This article is an extract of the master thesis written by Michael Schmidt. It needs to be considered that the content of this document was released in May 2011.

tags | paper, web
SHA-256 | 80db6816d328e2047d44c3b598a2a9756e6a4f2de1f01ef7af19901983063af3
Unprotecting The Crypter - A Generic Approach
Posted Dec 13, 2011
Authored by Arunpreet Singh

Whitepaper called Unprotecting the Crypter, a Generic Approach. It discusses how crypters work and unpacking malware.

tags | paper
SHA-256 | 937196e8fab2e4560c58ff7b754f08781822ad6da74fc0f1e72386234ca1d6ef
The Tor Project: Authority "No Check" Weakness
Posted Dec 13, 2011
Authored by Piotr CHMIELNICKI

Whitepaper called The Tor Project: Authority "No Check" Weakness. It discusses the fact that exit nodes can be leveraged easily to commit man-in-the-middle attacks.

tags | paper
SHA-256 | f523fe3bebb9e922cf2b46d51e4e0f5b2dd213f250650097026f0a157421c7b5
Anti-Virus Evasion Techniques
Posted Dec 11, 2011
Authored by Abhinav Singh

Whitepaper called Anti-Virus Evasion Techniques. Some of the techniques discussed are binding and splitting, converting exe to executable client side scripts, and performing code obfuscation/morphing.

tags | paper, virus
SHA-256 | a67e9dfc2edc6ef44c9c82a4132902d3b4329e23e0b4c682cc1ef2191fb41ee3
Browser Security Comparison: A Quantitative Approach
Posted Dec 10, 2011
Authored by Ryan Smith, Chris Valasek, Paul Mehta, Charlie Miller, Shawn Moyer, Joshua Drake | Site accuvant.com

Whitepaper called Browser Security Comparison: A Quantitative Approach. The Accuvant LABS research team completed an extensive security evaluation of the three most widely used browsers – Mozilla Firefox, Google Chrome, and Microsoft Internet Explorer – to determine which browser best secures against attackers. The team used a completely different and more extensive methodology than previous, similar studies. They compared browsers from a layered perspective, taking into account security architecture and anti-exploitation techniques.

tags | paper
SHA-256 | e054bd896f56e8be803b55bc04ad540e6247fb7a0bbcf3094c27a9a421226a18
Post Exploitation Using Meterpreter
Posted Dec 10, 2011
Authored by Shubham Mittal

Whitepaper called Post Exploitation using Meterpreter. It goes into detail on how to leverage Metasploit during a penetration test.

tags | paper
SHA-256 | 89a7620f8ae1ed536363950d30f77b17cc62b653bd630305609749e496b2a9d7
Hacking iOS Devices
Posted Dec 7, 2011
Authored by Japson

Whitepaper called Hacking Dispositivos iOS. It demonstrates how dangerous it is to be connected to a wireless network with an iOS device that has OpenSSH enabled. Written in Spanish.

tags | paper
systems | apple, iphone
SHA-256 | 69fe6147bbfce7aa1f1fda7be05564726198e6a7762c9a4c617c46545fd0da39
Web Backdoors - Attack, Evasion And Detection
Posted Dec 6, 2011
Authored by FB1H2S

Whitepaper called Web Backdoors - Attack, Evasion and Detection. This paper provides insight on common web back doors and how simple manipulations could make them undetectable by AV and other security suits. It explains a few techniques that could be used to render undetectable and unnoticed backdoors inside web applications.

tags | paper, web
SHA-256 | b1a5cd53ac0ba93fa6ae8a95e647a33652ee817065946819d8fc813efa6fdce6
Indexed Blind SQL Injection
Posted Dec 3, 2011
Authored by gamma95

Whitepaper called Indexed Blind SQL Injection. Time based blind SQL attacks suffer from low bit/request ratios. Each request produces only one valuable bit of information. This paper describes a tweak that produces higher yield at the expense of a longer runtime. Along the way, some issues and notes of applicability are also discussed.

tags | paper, sql injection
SHA-256 | 84e74daa46ea6185f1c1f4ee9764bc2315f2a4cf39e46f8dfcea99039a5ecb21
A Bit Away From Kernel Execution
Posted Dec 2, 2011
Authored by ar1vr

Whitepaper called A Bit Away From Kernel Execution. A 'write-what-where' kernel memory overwrite tale.

tags | paper, kernel
SHA-256 | 7601ea3c472cfea1df7ebc3821a36b138a1ac133463034a30345aab1a6ead3d2
Systematic Detection Of Capability Leaks In Stock Android Smartphones
Posted Nov 30, 2011
Authored by Zhi Wang, Yajin Zhou, Xuxian Jiang, Michael Grace

Whitepaper called Systematic Detection of Capability Leaks in Stock Android Smartphones. It discusses a weakness in the Android operating system that allows attackers to secretly record phone conversations.

tags | paper
SHA-256 | 5a42058e6ef874923ffe286bf518d8fd4920e14deee4daf20d620cad043d476b
Certificate Authority Transparency And Auditability
Posted Nov 30, 2011
Authored by Ben Laurie, Adam Langley

Whitepaper called Certificate Authority Transparency and Auditability. The goal of this paper is to make it impossible (or at least very difficult) for a Certificate Authority (CA) to issue a certificate for a domain without the knowledge of the owner of that domain. A secondary goal is to protect users as much as possible from mis-issued certificates.

tags | paper
SHA-256 | baa285ffbc1c0f086a22438517cd8c203c13124a4eb655414ea8a04b440b3651
Enumerating And Breaking VoIP
Posted Nov 21, 2011
Authored by Sohil Garg

Whitepaper called Enumerating and Breaking VoIP. It discusses various enumeration techniques followed by a demonstration of a few VoIP attacks.

tags | paper
SHA-256 | 5915b289644f1e037253a04414a137d01faffd8f590ab4c59e271cdc1509e4fd
Social Engineering - The Human Factor
Posted Nov 20, 2011
Authored by Dinesh Shetty

Whitepaper called Social Engineering - The Human Factor. It documents suggested phases of the social engineering lifecycle and associated techniques for implementation.

tags | paper
SHA-256 | 461544be2738e4d8abf609851dadb8d3da3588cb53e8c180e81e7d7b8e0989c9
iSpy: Using Reflections To Spy On iPhones
Posted Nov 7, 2011
Authored by Fabian Monrose, Andrew M. White, Rahul Raguram, Jan-Michael Frahm, Dibenyendu Goswami

Whitepaper called iSpy: Automatic Reconstruction of Typed Input from Compromising Reflections. The authors investigate the implications of the ubiquity of personal mobile devices and reveal new techniques for compromising the privacy of users typing on virtual keyboards.

tags | paper
SHA-256 | 60b7681fb94a33a6c412266114a942f9cd9a18a4b3db0a3554e8c4298fb91873
Heap, Overflows And Exploitation
Posted Oct 31, 2011
Authored by Celil Unuver

Whitepaper called Heap, Overflows and Exploitation. Written in Turkish.

tags | paper, overflow
SHA-256 | 7b494d3844c65ed44831e4a8623b0ae9168a5432d8b05e09295782c967294133
Skype VoIP Zero Day Exploitation
Posted Oct 20, 2011
Authored by Benjamin Kunz Mejri, Pim J.F. Campers

Whitepaper called Skype Voice Over IP Software Vulnerabilities, Techniques and Methods - Zero Day Exploitation 2011.

tags | paper, vulnerability
SHA-256 | b0175858820b9e6438b1ec0ef4a41eeaa2957167c87f13ca78bade3f36b4401a
DNS Poisoning Via Port Exhaustion
Posted Oct 19, 2011
Authored by Yair Amit, Roee Hay

Whitepaper called DNS Poisoning Via Port Exhaustion. It covers everything from how DNS poisoning works to various methods of performing attacks. It discloses two vulnerabilities. One is in Java which enables remote DNS poisoning using Java applets. The other is in multiuser Windows environments that allows for a local DNS cache poisoning of arbitrary domains.

tags | advisory, paper, java, remote, arbitrary, local, vulnerability
systems | windows
advisories | CVE-2011-3552, CVE-2010-4448
SHA-256 | 59aae9b502f6267802e5e03c5acbbc8cc5b2055211508a758f0223c1089883be
Creating Your Own Abstract Processor
Posted Oct 18, 2011
Authored by Aodrulez

Whitepaper called Creating Your Own Abstract Processor. The author discusses creating a theoretical processor architecture that one can develop at the software level.

tags | paper
SHA-256 | 3377a9e7607686a8415eb224532b12bc436eda19656f6192d4f244d9c631a003
Security Issues In Android Custom ROMs
Posted Oct 17, 2011
Authored by Anant Shrivastava | Site anantshri.info

This is a whitepaper called Security Issues in Android Custom ROMs. This paper keeps a special focus on custom ROMs by checking for security misconfigurations that can lead to device compromise.

tags | paper
SHA-256 | 148ace3cc6281b063c2d9749eb5299c07d5dcef0fc282520771e9cf01ffe759c
Page 2 of 4
Back1234Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    28 Files
  • 16
    Jul 16th
    6 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close