Exploitation

Thu
20
Aug

Facebook Hacking

Contributed by Raj Chandel (www.hackingarticles.in)

Facebook was founded by 2004 by Harvard student Mark Zuckerberg and originally called thefacebook. It was quickly successful on campus and expanded beyond Harvard into other Ivy League schools. With the phenomenon growing in popularity, Zuckerberg enlisted two other students, Duston Moskovitz and Chris Hughes, to assist. Within months, thefacebook became a nationwide college networking website.

This document is in PDF format. To view it click here.

Tue
11
Aug

Penetration testing – A Systematic Approach

Contributed by Manish Saindane

The basic idea behind writing this article was to put forward a systematic approach that needs to be followed to perform a successful penetration test. It has been written keeping in mind both, existing penetration testers as well as newcomers who want to make this field as a career. People responsible for maintaining security in an organization can refer to this and know what they can expect from such an exercise.

This document is in PDF format. To view it click here.

Mon
03
Aug

Vulnerability Enumeration For Penetration Testing

Contributed by Aelphaeis Mangarae and restored from the Infosecwriters archives

This paper is a sequel to my “Learn Information Gathering By Example”. This paper will go through looking for Vulnerabilities in remote system(s), which is what you would do in a Penetration Test after gathering information on the target. I will be using real world examples for nearly everything in this paper.

Although I covered scanning a network range for possible targets in my last paper I will cover it again in this paper, because it is related. I am aware that 99.5 % of people will already know how to do this, and should know how to do it. For the sake of complete beginners I will cover it again. Not everything covered in this paper is entirely legal to do in some countries to remote machines with out the owner’s permission.

This document is in PDF format. To view it click here.

Wed
29
Jul

The Heartbleed Bug

Contributed by Librado Santibanez

A confounding computer bug called “Heartbleed” is causing major security worries across the internet. Heartbleed affects many things, including web servers, routers that connect office networks to the internet, mobile apps and VPNs (Virtual Private Network). It has been estimated that 60 percent of secure web sites that are using OpenSSL are affected. In addition, Heartbleed cannot be traced. In many cases, online access to web sites were shut down for several days until it could be patched and upgrade for Heartbleed. What is Heartbleed bug? How does it work? What does it affect? Who created the bug and when? What do we need to know? How can we fix it? Overall, these are the most frequently asked questions as a client and server.

This document is in PDF format. To view it click here.

Wed
29
Jul

Known Attacks Against Smartcards

Contributed by Hagai Bar-El

This document analyzes, from a technical point of view, currently known attacks against smart card implementations.

The purpose of this analysis is to give the necessary background for the assessment of the mechanisms that can enhance the security of smart cards. This document is mainly intended for people who are considering the use of cryptographic modules and who need to compare several options with respect to their security.

This document is in PDF format. To view it click here.

Pages

Subscribe to RSS - Exploitation