
security_downloads

USB Fuzzing Basics: From fuzzing to bug reporting We recently began to search for bugs in USB host stacks using one of our tools, based on the Facedancer. This article first presents our fuzzing approach, followed by a practical example of a bug in a fully updated Windows 8.1 x64. The goal of this article is not to redefine state-of-the-art USB fuzzing, nor to give a full description of our fuzzing architecture, but rather to narrate a scenario which sta..
An Introduction to Recognizing and Decoding RC4 Encryption in Malware There is something that we come across almost daily when we analyze malware in the VRT: RC4. We recently came across CVE-2014-1776 and, like many of the malware samples and exploits we analyze, it uses RC4 to obfuscate or encrypt what it is really doing. There are many ways to implement RC4, and it is a very simple, small algorithm. This makes it very common in the wild and in various standard applicatio..
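As an added illustration of the algorithm the post above is about (this is not code from the VRT post): a from-scratch RC4 in Python, showing the key-scheduling step that starts from the 256-byte identity table analysts look for in disassembly, the keystream generator, and two checks that are handy on a memory dump, a permutation test for a suspected S-box and a known-plaintext keystream recovery. The "Key"/"Plaintext" vector in the test is the published RC4 test vector; the key and C2-style config string in `demo()` are constructed for this example.

```python
# Added example: minimal RC4 (KSA + PRGA) plus two analyst-side checks.
# Not code from the VRT post; the key and config blob in demo() are
# constructed for this illustration.

from typing import Iterator, List


def rc4_ksa(key: bytes) -> List[int]:
    """Key-scheduling algorithm.

    Starts from the identity table S[i] = i (a 256-byte 00 01 02 .. FF run,
    usually the first thing that gives an RC4 routine away in a disassembly)
    and permutes it with key-dependent swaps.
    """
    if not key:
        raise ValueError("RC4 key must be non-empty")
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    return s


def rc4_prga(s: List[int]) -> Iterator[int]:
    """Pseudo-random generation: yield keystream bytes from a scheduled table."""
    s = s[:]  # work on a copy so the scheduled state can be reused
    i = j = 0
    while True:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) & 0xFF]


def rc4_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt; RC4 is a stream cipher, so both are XOR with the keystream."""
    ks = rc4_prga(rc4_ksa(key))
    return bytes(b ^ next(ks) for b in data)


def looks_like_rc4_sbox(blob: bytes) -> bool:
    """True if blob is exactly 256 bytes forming a permutation of 0..255.

    Both the unscheduled identity table and a scheduled state have this
    shape; an arbitrary 256-byte buffer almost never does, so it is a cheap
    filter when scanning a process dump for RC4 state.
    """
    return len(blob) == 256 and sorted(blob) == list(range(256))


def recover_keystream(ciphertext: bytes, known_plaintext: bytes) -> bytes:
    """Known-plaintext trick: C XOR P gives the keystream prefix.

    Useful when the first decrypted bytes are predictable ("MZ", "http://",
    a JSON brace) and you want to confirm a candidate key without reversing
    the whole routine.
    """
    n = min(len(ciphertext), len(known_plaintext))
    return bytes(c ^ p for c, p in zip(ciphertext[:n], known_plaintext[:n]))


def demo() -> dict:
    """Round-trip a constructed config blob and run both checks."""
    key = b"s3cr3t"                                   # constructed sample key
    config = b"http://c2.example.invalid/gate.php"    # constructed plaintext
    blob = rc4_crypt(key, config)
    sbox = bytes(rc4_ksa(key))
    # Keystream prefix recovered from a guessed "http://" prefix must equal
    # the first 7 bytes the PRGA produces for the candidate key.
    gen = rc4_prga(rc4_ksa(key))
    expected_prefix = bytes(next(gen) for _ in range(7))
    return {
        "ciphertext": blob,
        "decrypted": rc4_crypt(key, blob),
        "sbox_is_permutation": looks_like_rc4_sbox(sbox),
        "keystream_prefix_matches": recover_keystream(blob, b"http://") == expected_prefix,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v!r}")
```

The permutation check is deliberately loose: it flags the identity table as well as a scheduled state, which is what you want when the sample keeps a pre-built table in `.data` rather than running the KSA at runtime.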
A webshell which utilizes powershell Introducing Antak - A webshell which utilizes powershell. During penetration tests, I always wanted to have a simple yet powerful webshell. For that, I wrote Antak last year and demonstrated it at Defcon 21, but never released it, as I was busy with other things :) Antak stands for God of Death in Indian mythology, popularly known as Yamraj. Muhahaha. The webshell is a part of Nishang now. It is written in C..
An Introduction to RSA Netwitness Investigator In many cases, using Wireshark for network forensics is a very difficult task, especially if you need to extract files from a pcap file. Using tools such as RSA Netwitness Investigator can make network forensics much easier. RSA Netwitness Investigator is available as freeware. Installation: 1- Go to http://www.emc.com/security/security-analytics/security-analytics.htm#!freeware to obtain the l..
cve-2014-0130 analysis material
Assessing SOAP APIs with Burp Something I've noticed recently is that most of the websites I've been asked to assess now seem to be "new, improved, and with an API". Often the API is based on SOAP, and it has been an interesting discussion on how best to scan these new WSDL-based Web Services for vulnerabilities. The simple way is to run the developers' test suite, usually coded up as a project file in SoapUI, through BURP. H..
Analysis of smartphone malicious apps that mine cryptocurrency without the user's knowledge Overview: analysis of smartphone malicious apps that mine cryptocurrency without the user's knowledge. Contents: how the malicious apps are distributed; analysis of the types of mining malware; how to prevent and respond to smartphone malware infection. ※ When quoting all or part of this report, you must cite [Source: Korea Internet & Security Agency (KISA)].
How to use Log Parser and where to download it http://www.msexchange.org/articles-tutorials/exchange-server-2003/tools/Using-Logparser-Utility-Analyze-ExchangeIIS-Logs.html http://technet.microsoft.com/ko-kr/scriptcenter/dd919274.aspx
Log Parser Rocks! More than 50 Examples! Log Parser is a tool that has been around for quite some time (almost six years, in fact). I can't really do any better than the description on the official download page, so here it is: "Log parser is a powerful, versatile tool that provides universal query access to text-based data such as log files, XML files and CSV files, as well as key data sources on the Windows operating system such as t..
The threat in the BIOS Contents: About this document; Introduction; Previous research; The Computrace agent; Standard operation of the Computrace agent; Stage 1: BIOS module; Stage 2: Autochk.exe; Stage 3: rpcnetp.exe; Stage 4: rpcnet.exe; Cases of unauthorized activation: System A, System B, System C; Data from online forums; The potential scale of the problem; Network protocol of the mini-agent; Conclusion; Links; Appendix A: Activity of the Computrace agent; Appendix B: File hashes. About this document: this report aims, once again, to raise the issue of security mechanisms implemented in the firmware widely used in today's laptops and some desktops. We examine the Computrace software agent from the company Absolute Software, the firmware, and a number of individual files on the computer. The existence of physical access to the computer..