Section: .. / papers / general /
| /// File Name: |
code_auditing_in_c.txt |
Description:
|
A small whitepaper discussing code auditing in C.
| | Author: | Tal0n | | File Size: | 52888 | | Last Modified: | Aug 11 18:29:07 2007 |
| MD5 Checksum: | 25bd0a787a7800bcf71980d9c707f205 |
|
| /// File Name: |
VNSECON07-JA-Exploit_development.pd..> |
Description:
|
Whitepaper discussing how to speed up the exploit development process as presented at VNSECON07.
| | Author: | Jerome Athias | | File Size: | 1698766 | | Last Modified: | Aug 9 22:22:28 2007 |
| MD5 Checksum: | 06a895e8ac593460d4bfdf6ec7692a60 |
|
| /// File Name: |
bind9forgery.txt |
Description:
|
A new weakness has been discovered in the BIND 9 DNS server that allows for DNS forgery pharming.
| | Author: | Amit Klein | | File Size: | 2268 | | Last Modified: | Jul 24 23:39:15 2007 |
| MD5 Checksum: | 5fa6300ec5a825d63b978a0cee207a3b |
|
| /// File Name: |
i-bot.txt |
Description:
|
I, Bot, Taking Advantage Of Robots Power. A response to the original bot related article in Phrack written by Michal Zalewski.
| | Author: | Crossbower | | Homepage: | http://www.playhack.net/ | | File Size: | 15138 | | Last Modified: | May 16 22:26:14 2007 |
| MD5 Checksum: | 50a152ffdd28969e6ad885b444f34b17 |
|
| /// File Name: |
041607.html |
Description:
|
The Web Application Security Consortium is proud to present 'The Importance of Application Classification in Secure Application Development'.
| | Author: | Rohit Sethi | | Homepage: | http://www.webappsec.org/ | | File Size: | 44216 | | Last Modified: | Apr 18 20:40:46 2007 |
| MD5 Checksum: | 067f062ee0605f2c9e32f8a6614d533c |
|
| /// File Name: |
RogueXMLSpecific.pdf |
Description:
|
Whitepaper entitled Rogue XML Specifications. It discusses insecurities that relate to XML schema.
| | Author: | Aditya Sood | | Homepage: | http://zeroknock.metaeye.org/ | | File Size: | 222734 | | Last Modified: | Feb 27 19:38:50 2007 |
| MD5 Checksum: | f09a65b98a3e2e12185cf646d3e793ae |
|
| /// File Name: |
draft-larsen.tgz |
Description:
|
Recently, awareness has been raised about a number of "blind" attacks that can be performed against the Transmission Control Protocol (TCP) and similar protocols. The consequences of these attacks range from throughput-reduction to broken connections or data corruption. These attacks rely on the attacker's ability to guess or know the four- tuple (Source Address, Destination Address, Source port, Destination Port) that identifies the transport protocol instance to be attacked. This document describes a simple and efficient method for random selection of the client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. Both text and pdf formats of this paper are included.
| | Author: | Fernando Gont,M. Larsen | | File Size: | 33774 | | Last Modified: | Feb 13 03:14:47 2007 |
| MD5 Checksum: | ea07aacce03e720b7693eb3d90822d48 |
|
| /// File Name: |
Writing_nasl_scripts.pdf |
Description:
|
Small whitepaper discussing Nessus and the functions related to writing NASL scripts along with some debugging tips.
| | Author: | Hemil Shah | | File Size: | 33273 | | Last Modified: | Jan 29 11:40:43 2007 |
| MD5 Checksum: | 36b024263ba35ed9530a0e4f24d249a9 |
|
| /// File Name: |
CogMetaSpamBug.pdf |
Description:
|
Whitepaper entitled the Cognitive Cause Of Metacharacter Spamindexing.
| | Author: | Aditya K Sood | | File Size: | 89056 | | Last Modified: | Jan 15 22:44:00 2007 |
| MD5 Checksum: | 71899baadfdc86bf5a190edde8cd69f7 |
|
| /// File Name: |
vdwgreport.pdf |
Description:
|
The US Department of Homeland Security's "Vulnerability Disclosure Framework" document.
| | Homepage: | http://www.dhs.gov/ | | File Size: | 307070 | | Last Modified: | Jan 13 17:07:56 2007 |
| MD5 Checksum: | 6bdc9752e2b650847982d521426669e4 |
|
| /// File Name: |
Implementing_And_Detecting_A_PCI_Ro..> |
Description:
|
Whitepaper entitled "Implementing and Detecting a PCI Rootkit". This paper discusses means of persisting a rootkit on a PCI device containing a flashable expansion ROM.
| | Author: | John Heasman | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 304132 | | Last Modified: | Nov 17 20:47:39 2006 |
| MD5 Checksum: | 7084bf1c02b55654aea3de77ef71ed9b |
|
| /// File Name: |
modsecips.html |
Description:
|
Securing LAMP - A whitepaper that discusses a methodology to configure, test, and run a Secure LAMP environment.
| | Author: | Jesus Oquendo | | Homepage: | http://www.infiltrated.net/ | | File Size: | 15428 | | Last Modified: | Nov 13 11:14:29 2006 |
| MD5 Checksum: | bcacccdeb14c1322732a9766c791d51a |
|
| /// File Name: |
Continuity-2006.txt |
Description:
|
Continuity is a free security convention running from 1st to the 3rd December 2006 in Manchester, United Kingdom, open to anyone with a interest in computer security, hacking, phone phreaking, telephony, cryptography, internet security/privacy, urban exploration, social engineering and related subjects.
| | Homepage: | http://www.continuity.org.uk | | File Size: | 2599 | | Last Modified: | Oct 27 17:45:57 2006 |
| MD5 Checksum: | 491043a9ef2a444f724490559225cca4 |
|
| /// File Name: |
virtualmachines.txt |
Description:
|
Paper discussing various ways of detecting virtual machines regardless of the OS used.
| | Author: | Bipin Gautam | | File Size: | 4678 | | Last Modified: | Oct 27 15:33:01 2006 |
| MD5 Checksum: | 21cbc35e13a2ab126eacb9eee82dd46d |
|
| /// File Name: |
SyscalltableAMD64EN.txt |
Description:
|
Whitepaper titled "How to get sys_call_table on amd64 under Linux".
| | Author: | pouik | | File Size: | 9327 | | Last Modified: | Oct 18 19:35:23 2006 |
| MD5 Checksum: | cb8bcc65f01e76177ffea9b98ef6102c |
|
| /// File Name: |
binfmt-en.pdf |
Description:
|
Polluting sys_execve() in kernel space without depending on the sys_call_table[]: A paper discussing design weaknesses in the linux kernel's handling of simply linked lists used to register binary formats. English version.
| | Author: | SHELLCODE Security Research TEAM | | Homepage: | http://www.shellcode.com.ar | | File Size: | 387120 | | Last Modified: | Oct 9 19:47:50 2006 |
| MD5 Checksum: | cbc9e056a14996a9afd144bb757b9ce5 |
|
| /// File Name: |
binfmt-es.pdf |
Description:
|
Polluting sys_execve() in kernel space without depending on the sys_call_table[]: A paper discussing design weaknesses in the linux kernel's handling of simply linked lists used to register binary formats. Spanish Version.
| | Author: | SHELLCODE Security Research TEAM | | Homepage: | http://www.shellcode.com.ar | | File Size: | 392521 | | Last Modified: | Oct 9 19:46:25 2006 |
| MD5 Checksum: | ed63f18b799338c8d20d7f13b9c637fe |
|
| /// File Name: |
vuln-trends.txt |
Description:
|
The primary goal of this whitepaper is to provide analysis that studies research trends using publicly reported vulnerabilities.
| | Author: | Steven M. Christey | | Homepage: | http://cwe.mitre.org/ | | File Size: | 77213 | | Last Modified: | Oct 8 23:02:12 2006 |
| MD5 Checksum: | 72c0a21ea7ec0241752f95032c5650bf |
|
| /// File Name: |
RCE_PDF.zip |
Description:
|
This paper is intended as an introduction to reverse engineering for someone who has no experience on the subject.
| | Author: | Craig Heffner | | Homepage: | http://www.craigheffner.com/ | | File Size: | 513936 | | Last Modified: | Sep 7 04:14:14 2006 |
| MD5 Checksum: | d0323f4d500864e2a4fd71e1607fc5a1 |
|
| /// File Name: |
VT-belva-dekay-final.pdf |
Description:
|
Whitepaper titled "Creating Business Through Virtual Trust: How to Gain and Sustain a Competitive Advantage Using Information Security".
| | Author: | Kenneth F. Belva,Sam H. Dekay | | Homepage: | http://www.ftusecurity.com/ | | File Size: | 187709 | | Last Modified: | Aug 28 23:09:56 2006 |
| MD5 Checksum: | 7f6b399cf8ffbbe96ca5477648dc7c60 |
|
| /// File Name: |
bufferPeek.txt |
Description:
|
Buffer Overflows, A Peek Under The Hood volume 1.0.
| | Author: | Zapotek | | File Size: | 73880 | | Last Modified: | Aug 27 19:02:29 2006 |
| MD5 Checksum: | 4c4088bc8bacc069c8718d8be7293095 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
