Whitepaper called Code Review Steps and Methodologies.
735525da63576a35964d6bc60e144a48This is a whitepaper called Bypassing Spam Filter Using Homographs. Some generation code is also included.
9395f5bee432162375e37981ac30a2acWhitepaper called Reverse Engineering Malware Part 1.
5a024a46d9813b832462a13a9362ba84Whitepaper called Actuality of SMBRelay in Modern Windows Networks.
81653f8d5eb1f2a90fee0f43369d9388Whitepaper called Intro to SQL Injection and Countermeasures.
68db188cf8aab372f9306915334ea57dThis is a whitepaper called Exploring Windows Backdoors - Bypassing Firewalls on Webhosting Providers.
dc6f6cef040a7a562bff70b2ea29f9e8Whitepaper called The Source Is A Lie. Backdoors have always been a concern of the security community. In recent years the idea of not trusting the developer has gained momentum and manifested itself in various forms of source code review. For Java, being one of the most popular programming languages, numerous tools and papers have been written to help during reviews. While these tools and techniques are getting developed further, they usually focus on traditional programming paradigms. Modern concepts like Aspect Oriented Programming or the Java Reflection API are left out. Especially the use of Java’s Reflection API in conjunction with the lesser known “string pool” can lead to a new kind of backdoor. This backdoor hides itself from unwary reviewer by disguising its access to critical resources like credential through indirection. To raise the awareness about this particular kind of backdoor, this paper will provide a short introduction to the string pool, show how reflection can be used to manipulate it, demonstrate how a backdoor can abuse this, and discuss how it can be uncovered.
95c7b6fb02b2acae134655f38d6826c1Whitepaper called JavaScript Deobfuscation - A Manual Approach.
394491af70ed0366a12d7c638a9593c7This is a whitepaper called Blind Date With Your Girlfriend. It is a brief tutorial that explains how to use Metasploit to hack a Windows box.
581638862cff171206c8c5b82a36fcbcWhitepaper called Anatomy of a Credit Card.
98e1268d250239c216012621ce8bcccfWhitepaper called DNS Spoofing. Written in Portuguese.
7bdb983b4ae751b09c49de1290cdf2d9Whitepaper called Basic Pentesting Steps. Written in Portuguese.
ebda5c1727e0395bee2e656071182ff1Whitepaper called Exploring and Patching Remote File Disclosure Vulnerabilities. Written in Arabic.
1b9d9377a70cc4d607783cf605d15628Whitepaper called Using UPX as a Security Packer. It goes into detail on how to use this tool and how to bring obfuscation into it.
847424d82e15f2a25de42bf5aaa0f66eThis is a whitepaper called Pentest: Information Gathering. Written in Spanish.
2ca850ead2557a7defe47affd47c6ce8Whitepaper called Attacking the Washington, D.C. Internet Voting System. In 2010, Washington, D.C. developed an Internet voting pilot project that was intended to allow overseas absentee voters to cast their ballots using a website. The authors of this paper participated in a challenge to break the security of the system and in doing so, elected Bender from Futurama to the school board.
bf259421383085dfe1dea44f3ea2912aWhitepaper called Metasploit: Low Level View. It touches on topics such as code injection and malware detection evasion / Metasploit encoders.
0559a81662deefef0464d9ae73e2544cWhitepaper called Return-Oriented Programming Na Unha! Written in Portuguese.
a419a2a94db7471d78bcf483922d6890Whitepaper called Wi-Fi Security with Wi-Fi Protection Plus. Wi-Fi P+ is a new security architecture proposed by the authors.
16043c7211664d2a65cd89b3424c7fdcWhitepaper called Shell Code Injection To Process. Written in Turkish.
9caf5ab14b0324dd2531325a849b788eWhitepaper called DNS Service Oriented Denial of Service / Distributed Denial of Service Attacks. Written in Turkish.
65e8a925c1f765f5b5d447b24ea5fde3This is a brief whitepaper called A Backdoor in the Next Generation Active Directory.
4322964f07c8caf1a4bd6cd89912fef5Whitepaper called SafeSEH+SEHOP all-at-once bypass exploitation method principles.
83ce42a2ebc0a0cb5a110a97fb019c23Whitepaper called Buffer Overflows: Anatomy of an Exploit. A look at how systems are exploited and why these exploits exist.
5ed1c91a3ec36484f952cddff2c5778aWhitepaper called Linux Kernel Hooking, Data Manipulations and Making Root Exploits. Written in Turkish.
28fae139bde9a4dc5de620503482207dWhitepaper called Denial of Service attacks and mitigation techniques: Real time implementation with detailed analysis. Unlike other theoretical studies, this paper lays down the steps involved in implementing these attacks in real time networks. These real time attacks are measured and analyzed using network traffic monitors. In addition to that, this project also details various defense strategies that could be enabled on Cisco routers in order to mitigate these attacks. The detection and mitigation mechanisms designed here are effective for small network topologies and can also be extended to analogous large domains.
a7d283e69e99422e2fe86041f1af3f16
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed