Exploitation

Fri
06
Nov

Stuxnet

Contributed by Andrew Jenkins

Imagine a future when a virus is smart enough to evade detection, and stealthily spread between computers, even ones that are not networked together. Thanks to a virus called Stuxnet that future has become the present. Stuxnet is a computer virus that targets specific industrial control systems. Industrial control systems are used in manufacturing systems as well as to control electrical, water and power plants. Stuxnet’s main goal was to damage centrifuge rotors inside the Natanz Nuclear Fuel Enrichment Plant located in Iran. It seeks to reach this goal through the use of two methods. Stuxnet is unique because it is one of the first cyber-physical attacks in history. This kind of attack is computer or cyber based but the result causes physical damage. This paper seeks to describe how Stuxnet functioned and how such a threat can be prevented in the future.

Mon
02
Nov

Writing Cisco IOS Rootkits

Contributed by Luca

Fri
02
Oct

Cookie Dethroning: DEMYSTIFIED (Part 2 of 2)

Contributed by Zer()Kn()ck

This Paper Is Extensively Designed For Digging deep into cookies. It jolts the cookie analysing and exploitation of cookies at the extremity. This is undertaken to have an eye on the cookie manipulation ,hacks and exploits that can be processed by an attacker for extracting information from the system on the fly.

This document is in PDF format. To view it click here.

Fri
02
Oct

Cookie Dethroning: DEMYSTIFIED (Part 1 of 2)

Contributed by Zer()Kn()ck

This Paper Is Extensively Designed For Digging deep into cookies. It jolts the cookie analysing and exploitation of cookies at the extremity. This is undertaken to have an eye on the cookie manipulation ,hacks and exploits that can be processed by an attacker for extracting information from the system on the fly.

This document is in PDF format. To view it click here.

Wed
23
Sep

What is TEMPEST?

Contributed by

Ok prepare to strap that tinfoil hat on two notches below excruciating; we’re going to talk about TEMPEST. What is TEMPEST? It’s defined in NSTISSI-7000 as:
Electronic and electromechanical information-processing equipment can produce unintentional intelligence-bearing emanations, commonly known as TEMPEST. If intercepted and analyzed, these emanations may disclose information transmitted, received, handled, or otherwise processed by the equipment.

This document is in PDF format. To view it click here.

Pages

Subscribe to RSS - Exploitation