Section: .. / papers / general /
| /// File Name: |
browser_insecurity_iceberg_2008.pdf |
Description:
|
Understanding the Web browser threat: Examination of vulnerable online Web browser populations and the "insecurity iceberg".
| | Author: | Stefan Frei, Thomas Duebendorfer, Gunter Ollmann, Martin May | | File Size: | 265522 | | Last Modified: | Jul 1 12:37:48 2008 |
| MD5 Checksum: | af684f84277d52eb31988b9ac44515b2 |
|
| /// File Name: |
ICI.TXT |
Description:
|
Whitepaper discussing security problems and solutions in wireless cafes. Lots of good general info on security, attacks, tools, encryption, etc.
| | Homepage: | http://www.rootshell.be/~ad/ | | File Size: | 148874 | | Last Modified: | May 12 15:54:36 2008 |
| MD5 Checksum: | ae06c9445ebe7a64d20c3feb1ae95eb0 |
|
| /// File Name: |
tempest.pdf |
Description:
|
The story regarding how the United States first learned about the fundamental security vulnerability called "compromising emanations" is revealed for the first time in this 1972 paper called TEMPEST: A Signal Problem.
| | Homepage: | http://www.nsa.gov/ | | File Size: | 284750 | | Last Modified: | Apr 29 21:06:17 2008 |
| MD5 Checksum: | 6930f3cfa80a029f63102875a3947dcc |
|
| /// File Name: |
ngreptut.txt |
Description:
|
Simple network grep (ngrep) tutorial that gives a basic overview of some use cases.
| | Author: | d3hydr8 | | Homepage: | http://www.darkc0de.com/ | | File Size: | 12537 | | Last Modified: | Dec 24 18:59:36 2007 |
| MD5 Checksum: | 094f7c35c7872b9e2ffe74ef2b0b9eda |
|
| /// File Name: |
draft-ietf-tsvwg-port-randomization..> |
Description:
|
This document describes a simple and efficient method for random selection of a client port number, such that the possibility of an attacker guessing the exact value is reduced. While this is not a replacement for cryptographic methods, the described port number randomization algorithms provide improved security/obfuscation with very little effort and without any key management overhead. The mechanisms described in this document are a local modification that may be incrementally deployed, and that does not violate the specifications of any of the transport protocols that may benefit from it, such as TCP, UDP, SCTP, DCCP, and RTP.
| | Author: | Michael Vittrup Larsen, Fernando Gont | | Homepage: | http://www.ietf.org/ | | File Size: | 38321 | | Last Modified: | Dec 7 19:38:08 2007 |
| MD5 Checksum: | a6d891234260fe58cfc46cda8aea2f7c |
|
| /// File Name: |
Inf_Pr_Ldap_Gar_Dumps.pdf |
Description:
|
The LDAP garbage dump that remains on web server results in information disclosure. Security of LDAP may be compromised, if for instance a search engine crawls through untamed directories on the web server and finds information through the ldap.xml file.
| | Author: | Aditya K Sood | | Homepage: | http://www.secniche.org/ | | File Size: | 436128 | | Last Modified: | Dec 4 00:27:02 2007 |
| MD5 Checksum: | 16a4b1bd047ad43f4255dac007b0a1f8 |
|
| /// File Name: |
reverseeng.pdf |
Description:
|
This paper aims to present a methodical framework for high-level reverse engineering. The methodology is a culmination of existing tools and techniques within the IT security research community, which presents ways to identify process operation at a higher-level of abstraction than traditional binary reversing.
| | Author: | Matthew Lewis | | Homepage: | http://www.irmplc.com/ | | File Size: | 1276878 | | Last Modified: | Oct 2 00:31:35 2007 |
| MD5 Checksum: | ad6255431165e52467be53fd14fa775b |
|
| /// File Name: |
secure_smtp_proxy_for_protecting_mt..> |
Description:
|
Whitepaper entitled "Secure SMTP Proxy for Protecting Mail Transfer Agents". This is a 70 page document that discusses new angles for defending mail daemons and more.
| | Author: | Alin-Adrian Anton | | File Size: | 880872 | | Last Modified: | Sep 5 20:24:58 2007 |
| MD5 Checksum: | 5328c8e51d8209c0781888d131361c97 |
|
| /// File Name: |
newbackdoor-jm.txt |
Description:
|
Whitepaper entitled "Las nuevas backdoors", discussing new techniques in backdoors and sniffing. Written in Spanish.
| | Author: | MegadetH | | File Size: | 13021 | | Last Modified: | Aug 23 21:22:54 2007 |
| MD5 Checksum: | fabb4b532cbb1a91b4f35df1ff229298 |
|
| /// File Name: |
phpendangers.txt |
Description:
|
Whitepaper entitled PHP Endangers - Remote Code Execution.
| | Author: | Arham Muhammed | | File Size: | 13748 | | Last Modified: | Aug 16 04:32:46 2007 |
| MD5 Checksum: | 75496cb8ab31fe5ed70fd44ed2edd52e |
|
| /// File Name: |
code_auditing_in_c.txt |
Description:
|
A small whitepaper discussing code auditing in C.
| | Author: | Tal0n | | File Size: | 52888 | | Last Modified: | Aug 11 18:29:07 2007 |
| MD5 Checksum: | 25bd0a787a7800bcf71980d9c707f205 |
|
| /// File Name: |
VNSECON07-JA-Exploit_development.pd..> |
Description:
|
Whitepaper discussing how to speed up the exploit development process as presented at VNSECON07.
| | Author: | Jerome Athias | | File Size: | 1698766 | | Last Modified: | Aug 9 22:22:28 2007 |
| MD5 Checksum: | 06a895e8ac593460d4bfdf6ec7692a60 |
|
| /// File Name: |
bind9forgery.txt |
Description:
|
A new weakness has been discovered in the BIND 9 DNS server that allows for DNS forgery pharming.
| | Author: | Amit Klein | | File Size: | 2268 | | Last Modified: | Jul 24 23:39:15 2007 |
| MD5 Checksum: | 5fa6300ec5a825d63b978a0cee207a3b |
|
| /// File Name: |
i-bot.txt |
Description:
|
I, Bot, Taking Advantage Of Robots Power. A response to the original bot related article in Phrack written by Michal Zalewski.
| | Author: | Crossbower | | Homepage: | http://www.playhack.net/ | | File Size: | 15138 | | Last Modified: | May 16 22:26:14 2007 |
| MD5 Checksum: | 50a152ffdd28969e6ad885b444f34b17 |
|
| /// File Name: |
041607.html |
Description:
|
The Web Application Security Consortium is proud to present 'The Importance of Application Classification in Secure Application Development'.
| | Author: | Rohit Sethi | | Homepage: | http://www.webappsec.org/ | | File Size: | 44216 | | Last Modified: | Apr 18 20:40:46 2007 |
| MD5 Checksum: | 067f062ee0605f2c9e32f8a6614d533c |
|
| /// File Name: |
RogueXMLSpecific.pdf |
Description:
|
Whitepaper entitled Rogue XML Specifications. It discusses insecurities that relate to XML schema.
| | Author: | ZeroKnock | | Homepage: | http://zeroknock.metaeye.org/ | | File Size: | 222734 | | Last Modified: | Feb 27 19:38:50 2007 |
| MD5 Checksum: | f09a65b98a3e2e12185cf646d3e793ae |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
