Search:

Items Tagged with "Hacking"


1de705dde1cf97450678321cd77853d9

Breaking Into Security: Planet Earth Edition

August 14, 2012 Added by:Ian Tibble

As a pentest guru wannabe, you may possess extremely high levels of fuzzing, exploit coding, and reversing skills, but you will never get to use them and you will intimidate most interviewers. There are easier ways to break into systems. Security is insufficiently mature in most organizations to warrant pentesting...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Metasploitable 2.0 Tutorial pt 2: Scanning for Network Services

August 14, 2012 Added by:Dan Dieterle

Okay, we put in 192.168.12.20 and it scanned it and returned the version of Samba that was running on it. But what if we wanted to scan the whole network for just systems running Samba. This is where the beauty of the RHOSTS command comes into play. Instead of just scanning the single host, let’s scan all 256 clients...

Comments  (0)

69baa1f1851ad2bd24c61868329f76f7

The Hacker Highschool Project

August 14, 2012 Added by:Pete Herzog

We need to get teenagers to realize how small they are in a big field. Hacking is a huge field and the one who knows the most about how things work is going to be the most powerful. That teaches students to respect that small bit of power they get from the lessons and to keep teaching things to themselves...

Comments  (1)

800ca77bf7ad76b2a830356569e524b7

How to Fight and Win the New Cyberwar

August 13, 2012

We are losing the cyberwar. What we are doing now not won't work and can't work because the net-centric defense approach is fundamentally flawed. This presentation includes a history of the battlefield because it's important to understand how we got in this mess in order for us to craft an effective solution...

Comments  (5)

69dafe8b58066478aea48f3d0f384820

Yourikan Claims Ninety-One Iranian Websites Hacked

August 07, 2012 Added by:Headlines

Pro-Israeli hacker Yourikan (you-r!-k@n) is claiming to have hacked and defaced as many as ninety-one Iranian websites including government, education and business targets in protest of Iran's continued pursuit of nuclear weapons and support for terrorist activities targeting Israel...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Billions of Hashes per Second with Multiforcer Password Cracker

August 07, 2012 Added by:Dan Dieterle

So what does it take to reach cracking speeds topping 154 Billion hashes per second with multiple hashes? The tool was created to help out pentesters who need to crack passwords, but can not submit hashes obtained to online cracking programs due to auditing agreement restrictions...

Comments  (0)

B64e021126c832bb29ec9fa988155eaf

Metasploitable 2.0 Tutorial: Checking for Open Ports with Nmap

August 03, 2012 Added by:Dan Dieterle

I mentioned recently that we would take a closer look at Metasploitable 2.0, the purposefully vulnerable Linux virtual machine used for learning security tactics and techniques. In this intro, we will quickly cover obtaining Metasploitable 2.0 and scanning it for open ports and services...

Comments  (0)

7ddc1f3000a13e4dfec28074e9e7b658

Red Flag On Biometrics: Iris Scanners Can Be Tricked

August 02, 2012 Added by:Electronic Frontier Foundation

Among all the various biometric traits that can be measured for machine identification, the iris is generally regarded as being the most reliable. Yet Galbally’s team of researchers has shown that even the method traditionally presumed to be foolproof is actually quite susceptible to being hacked...

Comments  (0)

68b48711426f3b082ab24e5746a66b36

How to Avoid SQL Injection Attacks

August 02, 2012

"SQL injection is a code injection technique that exploits a vulnerability in a website's software. The vulnerability happens when user input is either incorrectly filtered for string literal escape characters embedded in SQL statements or user input is not strongly typed and unexpectedly executed...."

Comments  (0)

7c5c876d1933023ac375eead04302e1a

Un-Ninja the NinjaTel Phone

August 01, 2012 Added by:Boris Sverdlik

For the lucky few that did get the phone, you will be happy to know that the phone has been rooted, but the bootloader is locked. In order to get to any of the settings all that was required was pulling up the IDE app in an area where the phone couldn't connect to any of the pre-installed wireless access points...

Comments  (5)

Cb9aade927a0abf5b0bbdd2a4aaf8716

Leveraging Regular User Accounts to Achieve Compromise

July 31, 2012 Added by:Jake Garlie

One of the more common ways pentesters break in to networks is by leveraging regular user accounts which have been compromised. They can be used in various ways to compromise systems, data, applications, and more. Once valid user accounts are obtained, using them throughout the network rarely triggers any alarms...

Comments  (0)

6d117b57d55f63febe392e40a478011f

BlackHat 2012: Dave Porcello Discusses the Power Pwn

July 30, 2012

Dave Porcello, Founder and CEO of Pwnie Express discusses the recently released Power Pwn, a fully-integrated enterprise-class penetration testing platform, covering the entire spectrum of a full-scale pentesting engagement, from the physical-layer to the application-layer...

Comments  (0)

9a824a3f55b26adad5431f6715dbec2e

Power Pwn and DARPA Programs for Developing Hacking Tools

July 23, 2012 Added by:Pierluigi Paganini

Network analysis has never been easier. Power Pwn, which looks like a surge protector, can be controled remotely via Wi-Fi, Bluetooth, and Ethernet as it searches for network weaknesses. It’s fully manageable via a Web interface accessible through the unit's 3G radio or directly to the device via text message...

Comments  (2)

71d85bb5d111973cb65dfee3d2a7e6c9

DEUCE: Bypassing DLP with Cookies

July 19, 2012 Added by:f8lerror

DEUCE went from simple concept to a multi-encoding and encryption DLP bypass tool. The program simply takes an input file and creates a cookie for each line. DEUCE has the ability to encrypt via AES, hash with MD5 or use a custom multi-encode with a 3 times replacement cipher...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Integration of Mimikatz into Metasploit Stage One

July 10, 2012 Added by:Rob Fuller

One of the powers of Metasploit is its ability to stay memory resident through the use of reflective DLL injection, even keeping new functionalities the attack loads from ever touching disk. I want get to that same level with Mimikatz. Here is my first step to that end: A Railgun based Meterpreter script...

Comments  (0)

D8853ae281be8cfdfa18ab73608e8c3f

Sticky Keys and Utilman Against Network-Level-Authentication

July 02, 2012 Added by:Rob Fuller

If you can get physical or SYSTEM/Admin access and enable + reach RDP, you can very easily gain a level of persistence without the need of a pesky password. However, this doesn't work so well with the advent of NLA or Network-Level-Authentication. StickyKeys don't work so well if you have to authenticate first...

Comments  (0)

Page « < 1 - 2 - 3 - 4 - 5 > »


Popular Topics
Access Control  Anonymous  Application Security  Attacks  Authentication  Best Practices  China  Cloud Computing  Cloud Security  Compliance  Cyber Crime  Cyber Security  Cyber Warfare  Cyberwar  Data Loss  Data Loss Prevention  Denial of Service  Employees  Encryption  Enterprise Security  Espionage  Exploits  FBI  Government  Hacking  Hacktivist  Headlines  ICS  ICS-CERT  Identity Theft  Industrial Control Systems  Information Security  Information Technology  Infosec  Infrastructure  Law Enforcement  Legal  Managed Services  Management  Military  Mobile Devices  National Security  Network Security  PCI DSS  Passwords  Penetration Testing  Policies and Procedures  Policy  Privacy  Regulation  Risk Management  SCADA  Security  Security Audits  Security Awareness  Security Strategies  Social Engineering  Social Media  Stuxnet  Tools  Training  Vulnerabilities  breach  breaches  fraud  hackers  internet  malware  report  vendors