Section: .. / papers / general /
| /// File Name: |
z4ck-book_final.pdf |
Description:
|
Z4CK is a cyber thriller which includes a gripping story line with an insight into realistic hacker tools and techniques. The main story is about a hacker who creates the ultimate security tool capable of breaching any network security. Other tools such as Nmap, Nessus, Hydra, and Netcat are also put to good use in this novel. The PDF is completely free to download.
| | Author: | Kev Milne | | Homepage: | http://www.z4ck.org | | Related File: | digiforce-isbn-0955292905.pdf | | File Size: | 1406687 | | Last Modified: | Jun 28 22:22:11 2006 |
| MD5 Checksum: | daa81c32eef55724ce130f8638bbcb2b |
|
| /// File Name: |
digiforce-isbn-0955292905.pdf |
Description:
|
Digital Force is the follow-up to Z4CK. Again realistic hacker techniques and tools in this cyber-thiller which has several twists. Duncan Steele must work for the UK Government elite hacker unit 'cyber-secure'.
| | Author: | Kev Milne | | Homepage: | http://www.z4ck.org | | Related File: | z4ck-book_final.pdf | | File Size: | 850618 | | Last Modified: | Jun 28 22:20:06 2006 |
| MD5 Checksum: | bbe57037954b16f5997f8b1f313c672e |
|
| /// File Name: |
bbpaint.pdf |
Description:
|
Whitepaper describing how ptrace() might be used to build a Control Flow Integrity system.
| | Author: | Sebastian Krahmer | | File Size: | 2150784 | | Last Modified: | Jun 26 23:40:45 2006 |
| MD5 Checksum: | b4fc325a07b02849e37e300fd38f2b7f |
|
| /// File Name: |
instrumental.pdf |
Description:
|
Whitepaper discussing how to generate runtime call graphs using certain GCC features.
| | Author: | Sebastian Krahmer | | File Size: | 406833 | | Last Modified: | Jun 26 23:39:35 2006 |
| MD5 Checksum: | 4406692f431765df98c31d321f8c9fcc |
|
| /// File Name: |
stakkato.pdf |
Description:
|
Paper discussing the Stakkato intrusions which ultimately resulted in the theft of IOS source code released by one of the affected sites detailing how they caught stakkato.
| | Author: | Micheal Turner | | Homepage: | http://www.nsc.liu.se/~nixon/stakkato.pdf | | File Size: | 163111 | | Last Modified: | May 25 21:30:34 2006 |
| MD5 Checksum: | 3a6f5bc541aea4bfd352fdd6d8431aeb |
|
| /// File Name: |
Becoming_a_Hacker_-_Part_1.pdf |
Description:
|
An introductory paper for would-be hackers. It could also prove useful for network admins and hackers that want to improve themselves. Chapters include: The OS, Understanding TCP/IP, Becoming a Hacker, WHOIS Databases, Basic Tracerouting and Path Analysis, Mapping with DNS and Geolocation and more.
| | Author: | Elite Nabukadnezar | | File Size: | 937329 | | Last Modified: | Apr 28 19:58:49 2006 |
| MD5 Checksum: | a1f9344215ff0a8ba83d3479fe01d821 |
|
| /// File Name: |
AnonMoney.zip |
Description:
|
An interesting paper on using the TOR network to anonymously collect funds with eGold.
| | Author: | Mr Babs | | File Size: | 27881 | | Last Modified: | Apr 28 12:47:57 2006 |
| MD5 Checksum: | dd9e819d06c9b8ad5e1c6d1b4d87ce5c |
|
| /// File Name: |
A_Modular_Approach_to_Data_Validati..> |
Description:
|
This paper presents a modular approach to performing thorough data validation in modern web applications so that the benefits of modular component based design; extensibility, portability and re-use can be released. The paper begins with an explanation of the vulnerabilities introduced through poor validation and then goes on to discuss the merits of a number of common data validation methodologies. A modular approach is introduced together with practical examples of how to implement such a scheme in a web application. It also provides information on common attack vectors, principles of validation, a modular solution and implementation of that solution.
| | Author: | Stephen de Vries | | Homepage: | http://www.corsaire.com/ | | File Size: | 382808 | | Last Modified: | Apr 12 14:59:25 2006 |
| MD5 Checksum: | a0b2f3ac1b5d56c1eb5b580c14a11f16 |
|
| /// File Name: |
report.pdf |
Description:
|
Whitepaper discussing how DNS can be used for detecting and monitoring in a network.
| | Author: | Antoine Schonewille,Dirk-Jan van Helmond | | File Size: | 244923 | | Last Modified: | Feb 25 20:34:33 2006 |
| MD5 Checksum: | 741418521669132f0fd03db71e85f5c9 |
|
| /// File Name: |
httpResponseSmuggle.txt |
Description:
|
Whitepaper entitled "HTTP Response Smuggling". It discusses evasion techniques to bypass anti-HTTP response splitting strategies.
| | Author: | Amit Klein | | File Size: | 23560 | | Last Modified: | Feb 25 17:15:15 2006 |
| MD5 Checksum: | 028a2ccfa04710b1e9b0329c14a9e4ee |
|
| /// File Name: |
InformationSecurity.pdf |
Description:
|
Whitepaper entitled "The Role of Modeling and Simulation in Information Security".
| | Author: | Mohammad Heidari | | File Size: | 414687 | | Last Modified: | Feb 9 00:02:52 2006 |
| MD5 Checksum: | 9a3b07d375e390281e4dc563bbebf6b8 |
|
| /// File Name: |
malware-trends.pdf |
Description:
|
What are the driving forces behind the rise of malware? Who is behind it, and what tactics do they use? How are vendors responding, and what should organizations, researchers, and end users keep in mind for the upcoming future? These and many other questions will be discussed in this article, combining security experience, business logic, a little bit of psychology, market trends, and personal chats with knowledgeable folks from the industry.
| | Author: | Dancho Danchev | | Homepage: | http://ddanchev.blogspot.com/ | | File Size: | 990531 | | Last Modified: | Jan 11 01:05:37 2006 |
| MD5 Checksum: | 3452a22642ccd435f41d3b4b964fec30 |
|
| /// File Name: |
wmf-faq.txt |
Description:
|
A brief faq regarding the recent Microsoft Windows WMF vulnerability.
| | Author: | H D Moore | | File Size: | 3905 | | Last Modified: | Jan 8 00:13:49 2006 |
| MD5 Checksum: | c4aa0fb7f467b7586999221784a46bb7 |
|
| /// File Name: |
UBehavior.zip |
Description:
|
Whitepaper discussing the exploitation of uninitialized data.
| | Author: | mercy | | Homepage: | http://www.felinemenace.org/ | | File Size: | 372833 | | Last Modified: | Jan 4 00:17:44 2006 |
| MD5 Checksum: | d247ac8afbe9033ebea4e8d93a16806b |
|
| /// File Name: |
wiretap.pdf |
Description:
|
Signaling Vulnerabilities In Wiretapping Systems. This white paper discusses vulnerabilities and countermeasures that exist within commonly used wiretapping systems by the government.
| | Author: | Micah Sherr,Eric Cronin,Sandy Clark,Matt Blaze | | Homepage: | http://www.crypto.com/papers/wiretapping/ | | File Size: | 464443 | | Last Modified: | Dec 10 16:37:51 2005 |
| MD5 Checksum: | 60ff9fa476112db51624c46807aa29b8 |
|
| /// File Name: |
perl-format-string.txt |
Description:
|
Format String Vulnerabilities in Perl Programs - Whitepaper discussing all the attack and impact details of recent discussions surrounding format string exploitation in perl. Provides further insight on how these flaws can be manipulated and has examples.
| | Author: | Steven M. Christey | | File Size: | 25936 | | Last Modified: | Dec 3 01:06:52 2005 |
| MD5 Checksum: | ff51ff0694b291ce947b9effb9227978 |
|
| /// File Name: |
BlockingSkype-rootn0de2005.pdf |
Description:
|
Whitepaper called Blocking Skype Using Squid And OpenBSD.
| | Author: | vi_cipher | | File Size: | 18212 | | Last Modified: | Nov 15 06:01:59 2005 |
| MD5 Checksum: | 909e63b1e1ea395ba89d9de7898c392f |
|
| /// File Name: |
neural_networks.txt |
Description:
|
NEURAL NETWORKS and their applicability in security field - Neural networks are widely used for prediction, pattern recognition, and classification. Voice or handwriting recognition problems are very hard to solve using standard programs and algorithms. This paper discusses the applicability of neural networks in security applications.
| | Author: | haker haker | | File Size: | 6384 | | Last Modified: | Oct 25 20:32:23 2005 |
| MD5 Checksum: | 439ec7f50261d19bfc0c477a4b4d0e12 |
|
| /// File Name: |
ewdd.pdf |
Description:
|
Exploiting Windows Device Drivers - this paper introduces device driver exploitation techniques, provides detailed descriptions of techniques used and includes full exploit code with sample vulnerable driver code for testing purposes.
| | Author: | Piotr Bania | | Homepage: | http://pb.specialised.info/ | | File Size: | 232971 | | Last Modified: | Oct 18 19:40:44 2005 |
| MD5 Checksum: | c5eaa08dfb7ca0000e1705388a72e1a3 |
|
| /// File Name: |
WASC-TC-v1_0.txt |
Description:
|
Whitepaper detailing the Threat Classification system for the Web Application Security Consortium. The Web Security Threat Classification is a cooperative effort to clarify and organize the threats to the security of a web site. The members of the Web Application Security Consortium have created this project to develop and promote industry standard terminology for describing these issues. Application developers, security professionals, software vendors, and compliance auditors will have the ability to access a consistent language for web security related issues.
| | Homepage: | http://www.webappsec.org | | File Size: | 118904 | | Last Modified: | Oct 7 00:18:31 2005 |
| MD5 Checksum: | 71a846da8ad5c8d4f051c2340114b530 |
|
| /// File Name: |
Security_Breach_Survey.pdf |
Description:
|
White and Case, a top NYC law firm, posted a survey on Data Security Breach Notifications on September 26, 2005. From the press release: "Victims of personal data security breaches are showing their displeasure by terminating relationships with the companies that maintained their data, according to a new national survey sponsored by global law firm White & Case. The independent survey of nearly 10,000 adults, conducted by the respected privacy research organization Ponemon Institute, reveals that nearly 20 percent of respondents say they have terminated a relationship with a company after being notified of a security breach."
| | Author: | Ponemon Institute | | Homepage: | http://www.whitecase.com/news/news_detail.aspx?newsid=11731&type=News%20Releases | | File Size: | 330889 | | Last Modified: | Oct 4 00:14:13 2005 |
| MD5 Checksum: | 57fc4866bcbc56b61a9f66cfed7993e4 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
