Part 1 – Lab Setup Guide:
| Introduction |
| In this short tutorial, we will see how to use WebScarab to easily and transparently intercept web traffic. This is one of the basic steps in web application hacking and analysis of web security. Even casual hackers can use it to see what goes on behind the scenes while browsing a particular website. |
| Introduction |
| Many people don’t consider PDF files as a possible threat and oh, well, I agree with them(!). It is not the PDF files but the rendering software we have to be afraid of. If you think I am referring to those Adobe Reader 0-days popping up periodically, hell yeah, you are RIGHT! We are going to talk about PDF files, a few Adobe Reader vulnerabilities, and the exploits and malware that come along with them. |
If you want to write software exploits, you need to understand assembly.
Now, what I refer to as assembly is actually a generic term for a low-level programming language that operates only one step above the basic machine code (1s and 0s) that is natively executed by a CPU. Because assembly is so closely related to the code a CPU directly executes, it is actually CPU specific. That means different families of CPU have different assembly languages. You can’t, for example, run assembly code written for the Sun SPARC CPU architecture on an X86 processor, an IA-64 processor or a MIPS processor. These CPUs all have different assembly languages. OllyDbg, and this tutorial, will focus specifically on the 32-bit X86 architecture used on the vast majority of “common use” 32-bit systems in the world.
What is SQL injection?
The main goal of the attacker is to access the information stored in a website’s database. It can be done manually. In this tutorial, I do the same thing easily using a tool.