Exploitation

Tue
23
Feb

NDI5aster – Privilege Escalation through NDIS 5.x Filter Intermediate Drivers

Contributed by KyREcon

Mon
11
Jan

Exploiting JSON Framework : 7 Attack Shots

Contributed by Aditya K Sood

This article define the layout of the exploiting factors of web attacks ie where the JSON framework is compromised.The article is consistent in explaining the pros of the web attack related to JSON.

This document is in PDF format. To view it click here.

Fri
08
Jan

Purple Paper: Exegesis of Virtual Hosts Hacking

Contributed by Petro Petkov and Pagvac (Adrian Pastor)

There is a lot that we can say about finding virtual hosts from a given IP address. Sometimes this task is straightforward, other times a bit of thinking is required. However, in general it is not a mission impossible.

During the last few years, domain name databases have emerged like mushrooms after a rainy day. This has certainly increased the awareness among security professionals about the possibility of using virtual hosts as backdoors when testing the security of a given organization. In reality, a good attacker will try to break into your organization by knocking on the not-so-obvious doors.

Fri
08
Jan

The Evolution of Malicious Agents

Contributed by Lenny Zeltser

This article examines the evolution of malicious agents by analyzing features and limitations of popular viruses, worms, and trojans, detailing the possibility of a new breed of malicious agents currently being developed on the Internet.

This document is in PDF format. To view it click here.

Mon
04
Jan

Content-based Blind Injection Using By Double Substring

Contributed by Zamteng

Blind SQL injection is a type of SQL Injection attack that asks the database true or false questions and determines the answer based on the applications response (Content-based, Time-based)

This document is in PDF format. To view it click here.

Pages

Subscribe to RSS - Exploitation