Archives
RDP Cert Scan with nmap
Pop ESP
Use After Free Exploits for Humans Part 1 – Exploiting MS13-080 on IE8 winxpsp3
Crypto Attacker Burp Plugin
Belated Codegate 2014 Quals Writeups and Lessons Learned
MSCash Hash Primer for Pentesters
Soft Function Hooking with windbg and pykd
Code Execution (Post Exploit) Order of Operations
A few Metasploit Post Exploit Resource Scripts
Yet another VBS pwncode generator
The Deputies are Still Confused (Full talk and content from Blackhat EU)
Powershell Portscanner
CSRF tips for dealing with x-frame-options
Cookie Tossing in the Middle
Common OAuth issue you can use to take over accounts
Qualys validaterequest ‘finding’ is an Annoying PCI Problem
Using windbg to beat my dad at chess
DPAPI Primer for Pentesters
Common .NET ViewstateUserKey CSRF Issue
.NET MVC AntiforgeryToken CSRF Testing
Stripping the Referer in a Cross Domain POST request
ValidateRequest should probably still be Enabled
Free Stanford ‘Intro to Cryptography’ Class Review
BeEf Clickjacking Module and using the REST API to Automate Attacks
Extracting Certificate Info from Things (like web services)
CSAW 2012 Quals Tutorial/Writeup
CVE-2012-5357,CVE-1012-5358 Cool Ektron XSLT RCE Bugs
Rocking the Vote to Figure out how old my ex-Boss is
Dan Guido’s Favorite Food? (A script to search reddit comments)
Defcon 2004 CTF Quals Writeup
Clickjacking Google
AV Evading Meterpreter Shell from a .NET Service
Redirecting STDIN on windbg
Analysis of John Wilander’s Triple Submit Cookies
Metasploit Generic NTLM Relay Module
Some Practical ARP Poisoning with Scapy, IPTables, and Burp
Interesting Problems with .NET IsPostBack()
Google Docs Billion Laughs
PPP pwnables 99
Hello WordPress.com
3 Quick Metasploit Tips
Calculating an Integer Overflow
Blind Second Order SQL Injection with Burp and SqlMap
Some Interesting URI Parsing Quirks and Open Redirects
Server Shells from Web Clientside Attacks
Auto login to LiveID with Burp Macros/Session
DOM XSS Behind a WAF
Serving Back XML for XSS
Is it already 2012?
Linkedin Crawler
Toorcon 2010 Talk
email_spider
pydbg reverseme solution
Reverseme Windows Keygen
Nmap script to detect Debian OpenSSL Random Number Generator Weakness
Reverseme: Namegenme
Reverseme: Easy Windows Using Reflector
Reverseme: Easy Windows
nmap script to try and detect login pages
Nessus Grep
calling convention cheat sheet
snmp cheatsheet
Nessus with Nikto – Running out of memory
proxychains – handy tool!
mycontroller – done
Auto Pw Change
Where was the Hacker in the Room for X-FRAME-OPTIONs?
8-queens problem hill climbing python implementation
The square of random is less uniform (derr)
Finished RTOS similar to FreeRTOS
Paper Fun: Simplified Single Packet Authorization
Paper fun: Concerns with Time-Space Based Wireless Security
GPG Cheat Sheet
Simpson’s Paradox
execv-like system call
I thought of a new slogan for cups…
RTOS and the Parallax Propeller
browsing with firefox, tor, refcontrol, and noscript on ubuntu
playing a scale with the atmega16
Security in an Insecure Environment
Format String Exploits
avr interrupts
stk500 avr atmega16 linux gcc hello, world
php multiuser system – the www-data problem
Auto Restore Virtualbox
Social Network Analysis of Disclosure
Count number of lines in a file
mounting partitions from a disk image
Bash Error Checking
sorta captcha breaking thing
An analysis of a Time Synchronization Protocol
madwifi == awesome
gcc security tips
convert flash to mp3
HTTP over SSH
2.0.38 /usr/src/linus/fs/ufs/ufs_super.c
modular exponentiation python program
Analysis of a proposed key-management scheme for DSN
gnu readline – python
Golay G24
isbn-10 validity identifier
wargames reverseme
python anagram finder
Windows reverseme – nothing tricky
Basic TKinter GUI format in python
rdp over ssh into your office box
md5check directories
recursive remove in python
ISUbuntu
my home voip setup
process monitoring with kill
ldap by hosts
The easiest way to backup an ldap database
wget login pages
Using smbclient to view public cifs shares
Encrypt a message with RSA in python
Get Weather from the commandline
Simple Beauty Website Baker Template
syn cookies
sizeof()
Privilege Separation in sshd
Small Steps
getfacl, setfacl
swappiness is the route to happiness
fail2ban attack
strong passwords with pam_cracklib
Unintended consequences of half open scans
View/change UUID in Linux
Spoofing IP Addresses
Reverseme – windows
fpdns
syscall table
Bash Bomb
vim tricks – different types of insert, repeat
vim trick – restoring something you delete
mycontroller – Cache
Windows Password, keygen, password reverseme
Reverseme – very very easy Linux
Rescue initramfs
websitebaker module: Random pic with text
Really global environment variables for ssh
chkrootkit
Build a Bridge and Get Over it
mycontroller – DMA
Matrix Multiplication Optimization in C++
print shell code
unmask – python profiling tool
websitebaker modules
ssh-keygen -R
The Magic Constant
Getting rid of the Lame Ubuntu Splash screen
add some color to your man
scanrand
mycontroller – RAM
Program Counter
RAMEL
Broadcom Wireless and Linux
TCP/IP Drinking Game
Matching Regular Expressions that don’t end with…
Longest Common Subsequence in C++
Hanging mount (not the way you like it)
Reverseme – Trivial Linux
Rotating a movie with mencoder
vim tricks
Get Mail List from LDAP
Common Permission Error
PDPTA Paper
Zombie Killer
Readelf – a sexy little elf
Boot Ubuntu into Runlevel 3