posted in Reading material on Jul 19th, 2010
O’Reilly and Galileocomputing publish some of their books as PDF in addition to the print version. This means you can download them legally from the Internet and use them for your work. Of course you can also download other titles that are not listed in their Openbook directory from the web, BitTorrent, eMule, etc. The legal [...]
read full post »
posted in Reading material on Feb 27th, 2010
I found an interesting article on the Symantec blog about why the old pattern-matching AV method fails more and more, and how they face this situation. Recommended reading during a coffee break. Reputation-based Security: Suspicious.Insight detections on Virus Total We recently upgraded our scanner on Virus Total to include our new reputation-based security engine. [...]
read full post »
posted in Reading material on Jan 2nd, 2010
Larry Seltzer's glossary of wireless security terms, found on www.eweek.com. Wireless Security: A Partial Glossary of Wireless Security Terms Just about a month ago, in early November, the news came out that the first cracks were appearing in WPA, or Wi-Fi Protected Access, a very popular wireless security standard. The compromise that was accomplished by [...]
read full post »
This article will take you through the basic steps of building an executable crypter. All of the steps performed in this article require manual setup and integration to prepare the exe for the crypter stub. The focus of this article is to walk you through the theory and knowhow of how crypters work and does [...]
read full post »
posted in Reading material, Stuff on Nov 27th, 2009
Nice article about botnets, click fraud and spamming. You can find the original article (written by Yury Namestnikov) on www.viruslist.com. The Economics of Botnets In the past ten years, botnets have evolved from small networks of a dozen PCs controlled from a single C&C (command and control center) into sophisticated distributed systems comprising millions of [...]
read full post »
posted in Reading material, Stuff on Nov 8th, 2009
This is the document with the proof of concept which explains the attack on the SSL/TLS reconnect vulnerability. It allows data to be injected into the encrypted data stream, often without detection by either end of the connection. I normally don’t publish exploit code because of its short time value. But this one is rather special. [...]
read full post »
posted in Reading material, Stuff on Nov 1st, 2009
This is a document from 2005. Quite old, you may think, but the techniques described there still work today. In the meantime, after four years, there is still no real remedy to stop people from conducting this kind of attack. DDoS, SYN flooding and smurf attacks are still a problem. Also because there is some code [...]
read full post »
posted in Reading material on Oct 14th, 2009
Introduction This tutorial walks you through a very simple case to crack a WEP key. It is intended to build your basic skills and get you familiar with the concepts. It assumes you have a working wireless card with drivers already patched for injection. It is recommended that you experiment with your home wireless access [...]
read full post »
posted in Antivirus, Reading material on Oct 9th, 2009
An article that describes in simple steps how an AV engine is structured. Easy to understand, not too technical and without any code. Building an Anti-Virus engine (by Markus Schmall, 2002) The article will describe the basic ideas, concepts, components and approaches involved in developing an anti-virus program from scratch from a developer’s/software engineer’s point [...]
read full post »
posted in Reading material, Stuff on Oct 8th, 2009
Besides the old SkypeTrojan rootkit, I’ve found other documents and tidbits from that time (it was around 2005/2006). For example, Kodmaker wrote an article about rootkits in the Windows user space for the Phrack magazine, how to inject code into a running process, how to take over applications, how to extract account data from [...]
read full post »