THE

SPRAWL

  •  
  •  
  •  
  • sprawllatest

    19 jul
    2015
    spam nation

    Spam Nation is a non-fiction book written by Brian Krebs, a well known journalist and the author of the KrebsOnSecurity.com blog. The book's primary focus is on the cybercrime coming from the post-Soviet states, especially related to spam. The main story line revolves around Pavel Vrublevsky and Igor Gusev, two partners in crime who, like in a classic gangster flick, become enemies and start an all out war of attrition - “Pharma Wars”. Bribing politicians, hiring FSB agents, hacking and leaking each other's databases anything goes in this personal fight. Along the way you will learn about the inner workings of the massive spam operations and the political, criminal, financial, and social forces that drive them. Read more.

    the 414s: the original teenage hackers

    A short documentary by Michael T. Vollmann explores the birth, the exploits, and the eventual demise of The 414s - a hacker group active in the early 1980s until the summer of 1983. The documentary offers an interesting look into the early innocent days of hacking, especially just how influential the movie Wargames was to bring mainstream recognition. At the same time, the ease with which The 414s could penetrate even the more sensitive computers and the lack of laws to prosecute the adult members of the group resulted in the series of laws including the infamous Computer Fraud and Abuse Act (CFAA) of 1986. Read more.

    dnschef

    Download dnschef-0.3.zip
    Size 2.5 MB
    DateNovember 6th, 2014
    Version0.3

    DNSChef is a highly configurable DNS Proxy for Penetration Testers and Malware Analysts. It is capable of fine configuration of which DNS replies to modify or to simply proxy with real responses.

    Version 0.3 introduces support for more DNS record types, DNSSEC, logging, more configurable remote nameservers, support for the updated dnslib library and several bug fixes.

    Version 0.2 introduces IPv6 support, large number of new DNS record types, custom ports and other frequently requested features. Read more.

    01 oct
    2014
    exodus - vuln-dev - master class

    A few weeks ago I had a great pleasure of studying at a week-long training taught by Exodus Intelligence. The Vulnerability Development - Master Class was taught by Aaron Portnoy, Zef Cekaj, and Peter Vreugdenhil. The class had an excellent presentation of two complementary yet unique subjects of vulnerability discovery and exploit development primarily under Windows environment. The instructors are truly masters of their field which was reflected in the great quality and depth of the material.

    While it is still fresh in my mind, I would like to share with you some of the notes on the covered subjects, the recommended prerequisites, and tips on how to get the most out of this very intensive training. Read more.

    ida sploiter

    Download idasploiter-1.0.zip
    Size 25.4 KB
    DateSeptember 14th, 2014
    Version1.0

    IDA Sploiter is a plugin for Hex-Ray's IDA Pro disassembler designed to enhance IDA's capabilities as an exploit development and vulnerability research tool. Some of the plugin's features include a powerful ROP gadgets search engine, semantic gadget analysis and filtering, interactive ROP chain builder, stack pivot analysis, writable function pointer search, cyclic memory pattern generation and offset analysis, detection of bad characters and memory holes, and many others. Read more.

    ida patcher

    Download idapatcher-1.2.zip
    Size 6.0 KB
    DateSeptember 13th, 2014
    Version1.2

    IDA Patcher is a plugin for Hex-Ray's IDA Pro disassembler designed to enhance IDA's ability to patch binary files and memory. The plugin is useful for tasks related to malware analysis, exploit development as well as bug patching. IDA Patcher blends into the standard IDA user interface through the addition of a subview and several menu items. Read more.

    ida pomidor

    Download idapomidor-1.0.zip
    Size 69.5 KB
    DateSeptember 12th, 2014
    Version1.0

    IDA Pomidor is a plugin for Hex-Ray's IDA Pro disassembler that will help you retain concentration and productivity during long reversing sessions. Read more.

    corelan - integer overflows - exercise solution

    A solution to the exercise in the Corelan article Root Cause Analysis - Integer Overflows on exploiting integer and heap overflows. The solution illustrates massaging the heap into a vulnerable state by corrupting the Windows front-end allocator and finally exploiting it to gain arbitrary code execution. Read more.



    π
    ///\oo/\\\