researchlatest
automatic password rule analysis and generation
The field of password cracking has evolved by leaps an bounds over the last decade with the introduction of new cracking techniques, more advanced software and significantly faster hardware. One area which I find most fascinating is rule-based cracking. An attacker can develop a set of word mangling rules (e.g. substitute all 'a's to '@'s, upper-case every third letter, etc.) in order to attack non-random passwords which use slightly modified dictionary words. The purpose of this research is to develop an automated method of analyzing a large body of leaked passwords in order to come up with a list of frequently used words and rules to make up passwords. Read more.
ios data interception
Network traffic analysis is an important ingredient of a good iOS app pentest. The article covers several common approaches to iOS specific data interception such as network proxying, defeating network encryption, traffic injection and others. Read more.
writing nmap nse scripts for vulnerability scanning
The article discusses capabilities and application of Nmap Scripting Engine for the purpose of vulnerability scanning. By adapting code snippets covered here, you will be able to quickly develop, scan and generate reports for new vulnerabilities without waiting for mainstream scanners. Read more.
getting from seh to nseh
A collection of techniques on Windows SEH exploitation. Specifically the article covers methods of reliable exploit development by getting from a successfully overwritten pointer to Exception Handler (SEH) to the pointer to the Next Exception Handler (NSEH) struct. Read more.
john the ripper
John the Ripper is a multi-platform password cracking tool. Read more.
packet filtering
Packet filtering is an important skill when capturing and managing large network dumps. In this article you will learn several tools and techniques used to simplify searching and extraction of useful data from captured data. Read more.
scapy
Scapy is a packet forging tool using Python as its domain specific language. It was developed by Philippe Biondi in 2003. Read more.
tor control protocol
Tor implements a highly customizable control protocol which can be used to tune almost all aspects of its operation. In this article you will learn how to fine tune Tor client's operation, query runtime information, as well as create circuits of arbitrary size. Read more.
tls and ssl cipher suites
TLS/SSL protocols support a large number of cipher suites. A cipher suite is a collection of symmetric and asymmetric encryption algorithms used by hosts to establish a secure communication. Supported cipher suites can be classified based on encryption algorithm strength, key length, key exchange and authentication mechanisms. Some cipher suites offer better level of security than others (e.g. Several weak cipher suites were developed for export to comply with US export law). There are more than 200 known cipher suites. Read more.
