background preloader

InterN0T - Underground Security Training

InterN0T - Underground Security Training

http://forum.intern0t.org/forum.php

Malicious Linux Commands - From (This article was originally published in Ubuntu Forums but was removed there. Ubuntuguide feels that knowledge about these risks is more important than any misguided attempts to "protect the public" by hiding their potential dangers or protect the (K)Ubuntu/Linux image. The original article has therefore been re-created (and subsequently edited) here.) ATTENTION: It is worthwhile to have some basic awareness about malicious commands in Linux. Top 10 Web hacking techniques of 2010 revealed Network World - A Web hack that can endanger online banking transactions is ranked the No. 1 new Web hacking technique for 2010 in a top 10 list selected by a panel of experts and open voting. Called the Padding Oracle Crypto Attack, the hack takes advantage of how Microsoft's Web framework ASP.NET protects AES encryption cookies. FROM THE SECURITY WORLD: Quirky moments at Black Hat DC 2011 If encryption data in the cookie has been changed, the way ASP.NET handles it results in the application leaking some information about how to decrypt the traffic.

Google Dorks cache: If you include other words in the query, Google will highlight those words within the cached document. For instance, [cache:www.google.com web] will show the cached content with the word “web” highlighted. This functionality is also accessible by clicking on the “Cached” link on Google’s main results page. Google hacking Basics[edit] The following search query will locate all websites that have the words "admbook" and "version" in the title of the website. It also checks to ensure that the web page being accessed is a PHP file. filter - The Wireshark Network Analyzer 1.8.0 wireshark-filter - Wireshark filter syntax and reference wireshark [other options] [ -R "filter expression" ] tshark [other options] [ -R "filter expression" ] Wireshark and TShark share a powerful filter engine that helps remove the noise from a packet trace and lets you see only the packets that interest you. If a packet meets the requirements expressed in your filter, then it is displayed in the list of packets. Display filters let you compare the fields within a protocol against a specific value, compare fields against fields, and check the existence of specified fields or protocols.

Password crackers SecTools.Org: Top 125 Network Security Tools For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form . Short Film of the Day: Stuxnet: Anatomy of a Computer Virus Why Watch? Because we should challenge how we define a film. Most of the shorts featured in this column are either easy to spot as stories or completely experimental. Even when a documentary short is in the spotlight, it tells a clear tale of people doing things. Firesheep - Wikipedia, the free encyclopedia - StumbleUpon The extension was created as a demonstration of the security risk of session hijacking vulnerabilities to users of web sites that only encrypt the login process and not the cookie(s) created during the login process.[3] It has been warned that the use of the extension to capture login details without permission would violate wiretapping laws and/or computer security laws in some countries. Despite the security threat surrounding Firesheep, representatives for Mozilla Add-ons have stated that it would not use the browser's internal add-on blacklist to disable use of Firesheep, as the blacklist has only been used to disable spyware or add-ons which inadvertently create security vulnerabilities, as opposed to attack tools (which may legitimately be used to test the security of one's own systems).[4] Note that even if they did, it wouldn't actually prevent anyone from using Firesheep, as Firefox contains a hidden setting to disable this blacklist.[5] Countermeasures[edit] HTTPS[edit]

Top 10 Password Crackers SecTools.Org: Top 125 Network Security Tools For more than a decade, the Nmap Project has been cataloguing the network security community's favorite tools. In 2011 this site became much more dynamic, offering ratings, reviews, searching, sorting, and a new tool suggestion form . This site allows open source and commercial tools on any platform, except those tools that we maintain (such as the Nmap Security Scanner , Ncat network connector , and Nping packet manipulator ). We're very impressed by the collective smarts of the security community and we highly recommend reading the whole list and investigating any tools you are unfamiliar with. Click any tool name for more details on that particular application, including the chance to read (and write) reviews.

Transferring your iTunes Library For most users, iTunes does a great job of handling all of the details of managing your media library for you, allowing you to manage your content through iTunes itself and not having to worry too much about the underlying files and folders that make up your iTunes library. Unfortunately, this user-friendly approach has one serious limitation: When it comes time to move your iTunes library, it can often be a bit of a challenge to figure out exactly what pieces you need to move and how to go about doing this. Many iTunes users start out with a basic iTunes library and use the default settings to store all of their media content on their primary internal hard drive. However, as you add new content over time, particularly with the additional video content now supported by iTunes, you may soon find that your library threatens to take over your computer. Another common scenario many users find themselves in is what to do when they upgrade to a new computer. How iTunes Manages Media Content

Jailbreak basics: Everything you need to know for iPhone and iPad We see quite a few questions in our Jailbreak Forums about jailbreak basics. So, we've decided to compile a master list of some basic jailbreak magic right here in one place. Hopefully this will help a lot of you beginner jailbreakers learn the ropes (and maybe even help some of you decide whether the leap to the jailbreak world has its advantages for you). We've included common jailbreak lingo, popular jailbreak apps and tools, and videos highlighting some awesome jailbreak utilities! Common ways to Jailbreak There are usually several ways to Jailbreak depending exactly when a new version of iOS is released, when a new exploit is found, and when new Jailbreaks are released.

Related: