Archives
- RDP Cert Scan with nmap
- Pop ESP
- Use After Free Exploits for Humans Part 1 – Exploiting MS13-080 on IE8 winxpsp3
- Crypto Attacker Burp Plugin
- Belated Codegate 2014 Quals Writeups and Lessons Learned
- MSCash Hash Primer for Pentesters
- Soft Function Hooking with windbg and pykd
- Code Execution (Post Exploit) Order of Operations
- A few Metasploit Post Exploit Resource Scripts
- Yet another VBS pwncode generator
- The Deputies are Still Confused (Full talk and content from Blackhat EU)
- Powershell Portscanner
- CSRF tips for dealing with x-frame-options
- Cookie Tossing in the Middle
- Common OAuth issue you can use to take over accounts
- Qualys validaterequest ‘finding’ is an Annoying PCI Problem
- Using windbg to beat my dad at chess
- DPAPI Primer for Pentesters
- Common .NET ViewstateUserKey CSRF Issue
- .NET MVC AntiforgeryToken CSRF Testing
- Stripping the Referer in a Cross Domain POST request
- ValidateRequest should probably still be Enabled
- Free Stanford ‘Intro to Cryptography’ Class Review
- BeEf Clickjacking Module and using the REST API to Automate Attacks
- Extracting Certificate Info from Things (like web services)
- CSAW 2012 Quals Tutorial/Writeup
- CVE-2012-5357,CVE-1012-5358 Cool Ektron XSLT RCE Bugs
- Rocking the Vote to Figure out how old my ex-Boss is
- Dan Guido’s Favorite Food? (A script to search reddit comments)
- Defcon 2004 CTF Quals Writeup
- Clickjacking Google
- AV Evading Meterpreter Shell from a .NET Service
- Redirecting STDIN on windbg
- Analysis of John Wilander’s Triple Submit Cookies
- Metasploit Generic NTLM Relay Module
- Some Practical ARP Poisoning with Scapy, IPTables, and Burp
- Interesting Problems with .NET IsPostBack()
- Google Docs Billion Laughs
- PPP pwnables 99
- Hello WordPress.com
- 3 Quick Metasploit Tips
- Calculating an Integer Overflow
- Blind Second Order SQL Injection with Burp and SqlMap
- Some Interesting URI Parsing Quirks and Open Redirects
- Server Shells from Web Clientside Attacks
- Auto login to LiveID with Burp Macros/Session
- DOM XSS Behind a WAF
- Serving Back XML for XSS
- Is it already 2012?
- Linkedin Crawler
- Toorcon 2010 Talk
- email_spider
- pydbg reverseme solution
- Reverseme Windows Keygen
- Nmap script to detect Debian OpenSSL Random Number Generator Weakness
- Reverseme: Namegenme
- Reverseme: Easy Windows Using Reflector
- Reverseme: Easy Windows
- nmap script to try and detect login pages
- Nessus Grep
- calling convention cheat sheet
- snmp cheatsheet
- Nessus with Nikto – Running out of memory
- proxychains – handy tool!
- mycontroller – done
- Auto Pw Change
- Where was the Hacker in the Room for X-FRAME-OPTIONs?
- 8-queens problem hill climbing python implementation
- The square of random is less uniform (derr)
- Finished RTOS similar to FreeRTOS
- Paper Fun: Simplified Single Packet Authorization
- Paper fun: Concerns with Time-Space Based Wireless Security
- GPG Cheat Sheet
- Simpson’s Paradox
- execv-like system call
- I thought of a new slogan for cups…
- RTOS and the Parallax Propeller
- browsing with firefox, tor, refcontrol, and noscript on ubuntu
- playing a scale with the atmega16
- Security in an Insecure Environment
- Format String Exploits
- avr interrupts
- stk500 avr atmega16 linux gcc hello, world
- php multiuser system – the www-data problem
- Auto Restore Virtualbox
- Social Network Analysis of Disclosure
- Count number of lines in a file
- mounting partitions from a disk image
- Bash Error Checking
- sorta captcha breaking thing
- An analysis of a Time Synchronization Protocol
- madwifi == awesome
- gcc security tips
- convert flash to mp3
- HTTP over SSH
- 2.0.38 /usr/src/linus/fs/ufs/ufs_super.c
- modular exponentiation python program
- Analysis of a proposed key-management scheme for DSN
- gnu readline – python
- Golay G24
- isbn-10 validity identifier
- wargames reverseme
- python anagram finder
- Windows reverseme – nothing tricky
- Basic TKinter GUI format in python
- rdp over ssh into your office box
- md5check directories
- recursive remove in python
- ISUbuntu
- my home voip setup
- process monitoring with kill
- ldap by hosts
- The easiest way to backup an ldap database
- wget login pages
- Using smbclient to view public cifs shares
- Encrypt a message with RSA in python
- Get Weather from the commandline
- Simple Beauty Website Baker Template
- syn cookies
- sizeof()
- Privilege Separation in sshd
- Small Steps
- getfacl, setfacl
- swappiness is the route to happiness
- fail2ban attack
- strong passwords with pam_cracklib
- Unintended consequences of half open scans
- View/change UUID in Linux
- Spoofing IP Addresses
- Reverseme – windows
- fpdns
- syscall table
- Bash Bomb
- vim tricks – different types of insert, repeat
- vim trick – restoring something you delete
- mycontroller – Cache
- Windows Password, keygen, password reverseme
- Reverseme – very very easy Linux
- Rescue initramfs
- websitebaker module: Random pic with text
- Really global environment variables for ssh
- chkrootkit
- Build a Bridge and Get Over it
- mycontroller – DMA
- Matrix Multiplication Optimization in C++
- print shell code
- unmask – python profiling tool
- websitebaker modules
- ssh-keygen -R
- The Magic Constant
- Getting rid of the Lame Ubuntu Splash screen
- add some color to your man
- scanrand
- mycontroller – RAM
- Program Counter
- RAMEL
- Broadcom Wireless and Linux
- TCP/IP Drinking Game
- Matching Regular Expressions that don’t end with…
- Longest Common Subsequence in C++
- Hanging mount (not the way you like it)
- Reverseme – Trivial Linux
- Rotating a movie with mencoder
- vim tricks
- Get Mail List from LDAP
- Common Permission Error
- PDPTA Paper
- Zombie Killer
- Readelf – a sexy little elf
- Boot Ubuntu into Runlevel 3