what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 83 RSS Feed

Files

Bypassing Certificate Pinning In Modern Android Application Via Custom Root CA
Posted Aug 20, 2020
Authored by Nghia Van Le

This document is intended to provide detailed instructions for bypassing certificate pinning via a custom Root CA. It covers all the required topics for understanding this method.

tags | paper, root
SHA-256 | e451c3653c39f8c69197cc44125ea0be0963f12054cce2cca25c7696dab74b07
Bypassing A Null Byte POP/POP/RET Sequence
Posted Dec 25, 2019
Authored by FULLSHADE

This whitepaper covers a new technique that utilizes DLL injection to inject a custom DLL into a running vulnerable process to add a POP POP RET sequence in the scenario that the vulnerable program does not include any null byte free sequences. This is a useful technique to exploit SEH buffer overflow attacks successfully.

tags | paper, overflow
SHA-256 | 74df8ee5ae7f9410a55a3ced1546454f896ed3cdd356c8ffd56a51dee01fc0db
Web Application Firewall Bypass Methods
Posted May 24, 2019
Authored by Samet ARATOGLU

Whitepaper called Web Application Firewall Bypass Methods. Written In Turkish.

tags | paper, web, bypass
SHA-256 | de3d6eb771b386a81807a989fe41fcd824480b3c78ac572e1d065e0f3b1e087a
Polymorph: A Real-Time Network Packet Manipulation Framework
Posted Apr 16, 2018
Authored by Santiago Hernandez Ramos

Whitepaper called Polymorph: A Real-Time Network Packet Manipulation Framework.

tags | paper
SHA-256 | 118f42ea90b2cc6b9facac454524602580cde922f0c07097d8bf647d67feb837
Evading All Web-Application Firewalls XSS Filters
Posted Sep 9, 2015
Authored by Mazin Ahmed

This whitepaper documents shortcomings in various popular web application firewalls (WAFS) and how to trigger cross site scripting attacks regardless of the protections in place. Covered are F5 Big IP, Imperva Incapsula, AQTRONIX WebKnight, PHP-IDS, Mod-Security, Sucuri, QuickDefense, and Barracuda WAF.

tags | paper, web, xss
SHA-256 | c38f62eb042bf845f286dc56c557e0a4422de464a3d9658b8fd2d013a1a708c2
How To Bypass SafeSEH And Stack Cookie Protection
Posted Dec 4, 2014
Authored by Bekir Karul

Whitepaper called How to Bypass SafeSEH and Stack Cookie Protection. Written in Turkish.

tags | paper
SHA-256 | e050272b732f5a854bc507f634721ef4c4a1a90ef89177a48991c3eb78e4209f
WAF Bypass Methods
Posted Apr 29, 2014
Authored by Deniz Cevik

This whitepaper discusses various web application firewall bypass methodologies. Written in Turkish.

tags | paper, web, bypass
SHA-256 | d04d9dc9ed267c9142d78a1a35f38d8397df4345faa4d26a2221dd442c5ad695
Clamwin Antivirus Bypass Methodology
Posted Feb 17, 2014
Authored by Freebyte

This is a whitepaper discussing the bypassing of Clamwin Antivirus. Written in Azerbaijan.

tags | paper, bypass
SHA-256 | 98bc6e18cd7a7451a7a16c334edae8e56514a14d1cb46d89f1f663f542990e1d
Bypassing Modern Web Application Firewalls
Posted Dec 14, 2013
Authored by Rafay Baloch

This whitepaper is called Modern Web Application Firewalls Fingerprinting and Bypassing XSS Filters.

tags | paper, web
SHA-256 | 65acaee3edb30787203ec67ebd4b8e85f2ced5170a1f786efb797a9df09856b3
Bypass Comodo Firewall
Posted Nov 16, 2012
Authored by W1ckerMan

This whitepaper discusses bypassing the Comodo firewall using port redirection. Written in Portuguese.

tags | paper
SHA-256 | 1aae4d3b68d9f1c818f8fd73d03673625c1ed7397ed0155553baed0d97a61b2e
Bypassing Avast Sandbox Using Alternate Data Streaming
Posted Oct 28, 2012
Authored by W1ckerMan

This is a brief whitepaper detailing how to bypass the Avast! sandbox using alternate data streaming.

tags | paper
SHA-256 | 586680dac0f8f3d57c5eef0b2ad0936aa1ccd4bdf17ed5704a5051a36a13ff3f
Bypassing Spam Filters Using Homographs
Posted Jul 30, 2012
Authored by Fady Mohamed Osman

This is a whitepaper called Bypassing Spam Filter Using Homographs. Some generation code is also included.

tags | paper
systems | linux
SHA-256 | 53ce87d77ad354d381340e51d46995bbf63257ebb4dd4ce48fd728ce00168df1
Bypassing Address Space Layout Randomization
Posted Apr 16, 2012
Authored by TheXero | Site nullsecurity.net

Most modern day Operating Systems include some form of memory protection such as DEP and ASLR. This article focuses on ASLR, its implementation, limitations and finally various techniques which can be used to circumvent the protection.

tags | paper
SHA-256 | de3faada87e1bd7b6c844f2b8479cf643993f49918b07823dfb93f24683b904d
Bypassing tolower() Filters In Buffer Overflows
Posted Mar 30, 2012
Authored by localh0t

This whitepaper goes into detail on how to bypass tolower() filters in buffer overflows. It uses a stack-based buffer overflow as an example but the technique can also be applied to heap overflows as well.

tags | paper, overflow
SHA-256 | db7da31673402422788bf435e51bb26cce80674800f01ecfb89ff9f49608d751
SafeSEH+SEHOP All-At-Once Bypass Exploitation Method Principles
Posted Jan 11, 2012

Whitepaper called SafeSEH+SEHOP all-at-once bypass exploitation method principles.

tags | paper
SHA-256 | 209ec6ec9584ba32640f53ad2c68e710468e453169d11ebbd3a1605912e0684a
Evading Antimalware Engines Via Assembly Ghostwriting
Posted Oct 12, 2011
Authored by antiordinary

Whitepaper called Evading Antimalware Engines via Assembly Ghostwriting.

tags | paper
SHA-256 | c69ca241db8929c1badf0a2febd49a571ceddd5755b5f32dd8ef44146ffadb5c
Bypassing Windows 7 Kernel ASLR
Posted Oct 12, 2011
Authored by Stefan Le Berre

Whitepaper called Bypassing Windows 7 Kernel ASLR. In this paper, the author explains every step to code an exploit with a useful kernel ASLR bypass. Successful exploitation is performed on Windows 7 SP0 / SP1.

tags | paper, kernel, bypass
systems | windows
SHA-256 | 5c3994059d8384faf17163e5cb49cd471cedb061f14e2c2b7ef3cdb5ce5724aa
Bypassing IDS With Return Oriented Programming
Posted Oct 4, 2011
Authored by Jonathan Salwan

Whitepaper called Bypassing IDS with Return Oriented Programming. It heavily discusses and shows the point of leveraging polymorphic shellcode in order to bypass detection.

tags | paper, shellcode
SHA-256 | 7b4233a85e4bc362abaaeaf8b2d2687ed81a3db3a7a699bbe6949214aeb66bae
Bypassing ASLR/DEP
Posted Oct 1, 2011
Authored by Secfence

Whitepaper called Bypassing ASLR/DEP. It discusses techniques to bypass these security mechanisms and how custom shellcodes are developed.

tags | paper, shellcode
SHA-256 | 19d0d0eeefb330797d6b704b3e34af8e0a45d1f512f2906ecc92ca8068e83e5d
Bypassing PHPIDS 0.6.5
Posted Aug 26, 2011
Authored by Michael Brooks

Using the attacks in this paper allows you to bypass all of PHPIDS's rule sets, which defeats all protection PHPIDS can provide. Furthermore, on a default install of PHPIDS the log file can be used to drop a PHP backdoor. This can use PHPIDS as a vital steping stone in turning an LFI vulnerability into remote code execution. The end result is that use of PHPIDS 0.6.5 can make you less secure. All of these issues have been fixed in version 0.7.

tags | paper, remote, php, code execution
SHA-256 | 4e80f010f2e100b6cc954b44c4b4a7f65f2ce4d15ff9f32967990f6eb5333cab
Defeating DEP Through A Mapped File
Posted Aug 14, 2011
Authored by Homeostasie

Whitepaper called Defeating DEP (Data Execution Prevention) through a mapped file.

tags | paper
SHA-256 | c08d113619ee176b7898ecf1686249bd2ae760e23e531cd3578f20b4101f6a2b
Return-Oriented Programming / DEP Bypass
Posted Aug 3, 2011
Authored by Canberk BOLAT

This whitepaper details the ins and outs of return-oriented programming and DEP bypass.

tags | paper, bypass
SHA-256 | cd7c52e6aacd9baf229c258107646cd9b87b0fd8eebc7072ca57f5903e148874
Defeating Data Execution Prevention And ASLR In Windows XP SP3
Posted Jul 5, 2011
Authored by High-Tech Bridge SA | Site htbridge.com

Whitepaper called Defeating Data Execution Prevention and ASLR in Windows XP SP3. Data prevention Execution (DEP) and Address space layout randomization (ASLR) are two protection mechanisms integrated in Windows operating system to make more complicated the task of exploiting software. This document show how these two features can be bypassed using different techniques.

tags | paper
systems | windows
SHA-256 | f469442a5a92bed1a1086a83f8aebc86f786d426e10337f16a54d94b71969b8e
Bypassing Anti-Virus Scanners
Posted Mar 29, 2011
Authored by MaXe

Whitepaper called Bypassing Anti-Virus Scanners.

tags | paper, virus
SHA-256 | 8919103e539f8e08d30103803a77e6ad632dce79dedb8e58ee5be3b8dbcbf8c6
Antivirus / Firewall Evasion Techniques: Evolution Of Download Deploy Shellcode
Posted Jan 31, 2011
Authored by FB1H2S

Whitepaper called Antivirus / Firewall Evasion Techniques : Evolution of Download Deploy Shellcode.

tags | paper, shellcode
SHA-256 | dbb6ec4dcc2c9fc40144c8ec59fdeb2ca61452a22cb209fdf2e7903079ab80b1
Page 1 of 4
Back1234Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close