
security_downloads

Is this URL safe? Hiding malware in plain sight from online scanners. There are several sites which offer scanning a URL for malware. One should expect that these sites emulate a real browser well enough so that their rating can be trusted. Unfortunately this is not the case. Based on research I published about 17 months ago about unusual Content-Encoding headers I had a closer look at the following major online scanners: Virustotal, ZScaler, Comodo Web Inspector. For test.. Read more
Vulnerability Coordination and Concurrency Modeling Hi, it's Allen. In addition to building fuzzers to find vulnerabilities (and thinking about adding some concurrency features to BFF in the process), I've been doing some work in the area of cybersecurity information sharing and the ways it can succeed or fail. In both my vulnerability discovery and cybersecurity information sharing work, I've found that I often learn the most by examining the fa.. Read more
Insider Threats in the Enterprise: Basic Countermeasures. The insider information leaks that occurred in the United States and Japan in 2014 prompted every IT administrator to reconsider their countermeasures. Insider threats are a difficult problem to handle because, by their nature, they require a different way of thinking about the response. Insider threats can be divided into three questions: why people become insider offenders, what damage insider offenders cause, and how insider threats can be prevented. ■ Why people become insider offenders: Understanding the motives of those who carry out insider attacks may be difficult. These people act against the interests of the organization they belong (or belonged) to, and indirectly act against their own interests. One example that can be used to study motives is espionage. Insider offenses are on the level of espionage .. Read more
Bypassing a python sandbox by abusing code objects A while ago, I stumbled upon a service that let you write python bots to interact with a number of external services. The basic idea was that you only had to worry about your logic, and they would provide a wrapper around APIs and take care of hosting the bot for a monthly fee. Python "Jail" or sandbox escapes are fairly common in CTFs, and I knew that there are all sorts of "magical" ways of do.. Read more
The Structure of Linux Binary Executables I used to think that executables were totally impenetrable. I'd compile a C program, and then that was it! I had a Magical Binary Executable that I could no longer read. It is not so! Executable file formats are regular file formats that you can understand. I'll explain some simple tools to start! We'll be working on Linux, with ELF binaries. (binaries are kind of the definition of platform-speci.. Read more
Point of Sale Terminal Protection - "Fortress PCI at the Mall" This is a very broad topic, but over the last few months I've seen some really nicely protected PCI terminals. Especially since many POS environments are still running Windows XP, this is an important topic to discuss. Things that I've seen done very well: First of all, only allow access to the POS app - retail staff generally don't require access to email or the internet, at least not from the sal.. Read more
Windows 8 Kernel Memory Protections Bypass Recently, MWR intern Jérémy Fetiveau (@__x86) conducted a research project into the kernel protections introduced in Microsoft Windows 8 and newer. This blog post details his findings, and presents a generic technique for exploiting kernel vulnerabilities, bypassing SMEP and DEP. Proof-of-concept code is provided which reliably gains SYSTEM privileges, an.. Read more
Scan the Internet & Screenshot All the Things During Defcon 22, @ErrataRob, @paulm and @Viss (mass)scanned the Internet and presented some Tips, Tricks and Results. Lots of people confronted @Viss after he posted some VNC screenshots on his Twitter timeline. He posted a follow-up article on his blog and Kashmir Hill, from Forbes, wrote an article about the exposed VNC services. Internet scanning isn't new anymore and people are still surpri.. Read more
TCP PACKET INJECTION WITH PYTHON Packet injection is the process of interfering with an established network connection by constructing arbitrary protocol packets (TCP, UDP, ...) and sending them out through raw sockets. It is used widely in network penetration testing, such as DDoS.. Read more
The Windows 8.1 Kernel Patch Protection In the last 3 months we have seen a lot of machines compromised by Uroburos (a kernel-mode rootkit that spreads in the wild and specifically targets Windows 7 64-bit). Curiosity led me to start analyzing the code for Kernel Patch Protection on Windows 8.1. We will take a glance at its current implementation on that operating system and find out why the Kernel Patch Protection modifications made.. Read more