posted in Info, Reading material on Apr 14th, 2012
Phrack #68 is finally out. Android Kernel Rootkit – dong-hoon you Happy Hacking – anonymous author Practical cracking of white-box implementations – sysk Single Process Parasite – Crossbower Pseudomonarchia jemallocum – argp & huku Infecting loadable kernel modules: kernel versions 2.6.x/3.0.x – styx^ The Art of Exploitation: MS IIS 7.5 Remote Heap Overflow – redpantz [...]
read full post »
posted in Reading material on Mar 4th, 2011
pcap_compile() is used to compile a string into a filter program. The resulting filter program can then be applied to some stream of packets to determine which packets will be supplied to pcap_loop(), pcap_dis- patch(), pcap_next(), or pcap_next_ex(). The filter expression consists of one or more primitives. Primitives usually consist of an id (name or [...]
read full post »
posted in Info, Reading material on Dec 4th, 2010
I tweeted it but forgot to tell it here … Phrack #67 is there. What is Phrack? Phrack is an ezine written by and for hackers, the longest running hacker magazine first published in 1985. Here the TOC Introduction The Phrack Staff Phrack Prophile on Punk The Phrack Staff Phrack World News EL ZILCHO Loopback [...]
read full post »
posted in Reading material on Jul 19th, 2010
O’Reilly and also Galileocomputing publish some of their books besides the print version also as PDF. Means you can download them legally from the Inet and use them for your work. Of course you can also download other titles that are not listed in their Openbook directory from the web, bittorrent, emule, etc. The legal [...]
read full post »
posted in Reading material on Feb 27th, 2010
I found an intresting article on the symantec blog why the old pattern matching AV method fails more and more and how they face this situation. A recommended reading during a coffee break. Reputation-based Security: Suspicious.Insight detections on Virus Total We recently upgraded our scanner on Virus Total to include our new reputation-based security engine. [...]
read full post »