Slides from a lecture given by the Technical University of Vienna Politecnico di Milano regarding AntiPhish: An Anti-Phishing Browser Plug-in based Solution.
11fdb1fd6cf3504814e13cee83b573ad2c17c0fd9b5ca17d7c6ea7217edc9c3e
Slides from a lecture discussing Writing Behind A Buffer.
67417f7ee79d3f522c2a4e3d577097a0fbf2a4fb4b71b2b080564f565d937cd5
ShellExecuteFisaco - This is a temporary, third-party patch to help mitigate the URL handling issue discovered in Windows XP and Windows Server 2003.
0ff695c1b0c5d9e7f8c0aa50738be627a3c4f7d8d77fd0b2c0b6be7970eab8f2
OrakelCrackert is a tool that can crack passwords which are stored using the latest SHA1 based password hashing algorithm. To speed up cracking, the tool exploits a weakness in the Oracle password storage strategy. Therefore, cracking - for most passwords - is still just as fast as it was before the introduction of Oracle 11g.
5293c61b9916b0a25af39e553ff393284d2acd51443e7e5e0dd7b3270a0955b4
Patch for THC's Hydra that adds a dependency checks for openssl needed for the SIP module, modifies checks for libpq.so for Postgresql module, adds a new module for Netware NCP and for Firebird database.
a644e2e1a9eb85606bd9b9f29ac096834058d72e8ab3dca236b8146d7a98e302
The German fraction of THC stops all activities that have been labeled illegal under the German anti hacker law. The law forbids German citizens to research, discuss or disclose security problems. THC is an independent non-commercial security research organization with over 10 years of experience.
4ac519f2436e67eece867b309cf6040907b049cf37943a3bbf2e65ea4bc6881c
SniffJoke implements sniffer/IDS evasion techniques. SniffJoke runs on a network connected box by selectively applying evasion techniques to sessions involving it. Evasion application is governed by user rules and implemented with a netfilter/ulogd module.
fa26b5c1f7404da6b5ac31e14a7fe20607c48b583e5075bb8539ff76fdf04493
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
cd2e7e5ea479d50982b08334b1f4477a6620e6b45bc79ab55ddd07b128c64611
SniffJoke implements sniffer/IDS evasion techniques. SniffJoke runs on a network connected box by selectively applying evasion techniques to sessions involving it. Evasion application is governed by user rules and implemented with a netfilter/ulogd module.
235306c2ac3afe63439af4c38b56c6ce848e7c2f06a9113a6c7e7975c14779a1
Sandboxing tool for Windows.
377947465e7e61277e2c6eaff1e63082f0c4dc92ae72150346049bef6c993b79
Apmislay (avoid+privacy+mislay) is a library to make anonymous connections without performance loss. It implements a simple technique based on IP spoofing and suits well for file sharing systems or anonymous transfers of large amount of data.
1361d415c01016679dab321c68085b3417b894004a9cb77ea39617715a4fa9db
BigBoo is a YABASST, Yet Another Block And Superblock Subversion Tool. It swallows, encrypts and hides your files in a ext2/ext3 or swap partition.
8dc8de2c28d02a5a800080fda7db637c17cc5b80323a6992cb451a25b9745367
SABBIA protocol anonymizes low latency connections by making a continuous and constant padding over the net. This is an example of implementation on a trusted core.
5e527cac19b060ebb445c3a811d23707127e64c157a48427dbddc3de91179817
Innova is a framework that permits to manipulate network sessions starting at layer 3 and is transparent to the application. It runs entirely in userspace on Linux and supports plugins.
76a6b396d0382cb1e3ce80a6fdabd05fd9b1230c10e350f7bde29acae52e3420
This code shows how to send hidden data steganographed into a simulation of common (worm) traffic.
72789619c48df1f96f8be7684eaa9420f1b13be1f7734eed11122fd57144ff76
sud (superuser daemon) permits a user to switch to root privileges and to use a suid program in a nosuid environment. It is based on a client/server model and on the ability to pass file descriptors between processes. sud permits you to choose your authentication method, and your effective credentials will be checked by using a Unix domain socket.
c4fdf9dfc7a58daf75cb37d2bc4d10d3767216e2b8e4861a87c2d274bac252a0
Generic time path analysis via ttysnoop-0.12c patching.
13016e6b61ab15b5890f728bf71f7270d8fdfbbb5dc4099f6534aa603a989044
Uninformed is pleased to announce the release of its sixth volume. This volume includes 3 articles on reverse engineering and exploitation technology. These articles include - Engineering in Reverse: Subverting PatchGuard Version 2, Engineering in Reverse: Locreate: An Anagram for Relocate, Exploitation Technology: Exploiting 802.11 Wireless Driver Vulnerabilities on Windows. PDFs of all articles and related code are included in this tarball.
77ce1bc8aec65cc4a56356bef955197cab0127a53332ee6046b934865b61016f
Phearless Serbian/Croatian Security Magazine Issue #06 - In this issue: Symbian Networking, Universal Detection of ring3 Debuggers, PEB Dll Hooking, TheMida and SoftIce Detection, ASProtect 2.2 SKE, PeLock 1.06 Picking, PeSpin 1.304 Unpacking, tELock 0.99 Unpacking, Reversing .NET, Payload parsing/ASN.1 encode & SOAP, Linux Low Level Network Programming, Advanced XSS, Make Windows Secured Via Registry Base.
3559f7ae8db274d9867a02719cc26afa12bd30bb7f68b671e2dabd97ff50bbcd
This program exploits a design flaw in the Nokia mobile phones to remove the Phone Lock protection. The program was tested on the Nokia 6630 and the Nokia 6680. The program should work on any other Symbian based mobile phones (including Sony Ericsson and all modern Nokia phones amongst others). This tool does not remove the sim-lock.
c72774c2baaee67ee772961f2d4a822b6f50ba01987a154ae6eb67d5df242574
Astalavista Security Newsletter - Issue 28 - Featured articles include - How to Report Security Breaches and Why and Should we trust remote kids? monitoring services? - as well as an interview with Nick, SecureMAC.com.
2ce0b1c27680b7662bc58565a0cadeb448aeb965ca93f5b4accbacbac7cc8a0f
Astalavista Security Newsletter - Issue 27 - Featured articles include - Establishing an internal security awareness culture the basics and How do I figure out who?s attacking me? - as well as an interview with Roberto Preatoni, Zone-H.org.
1282c77409b38a1fa17f1300ba9e930a766f7794004f1bf06e5b7f035aede53e
Astalavista Security Newsletter - Issue 26 - Featured articles include - What is your position in the emerging market for software vulnerabilities? and If you don't take care of your Security, someone else will - as well as an interview with Martin Herfurt, Trifinite.org.
b14b863f77d8a8788db2f65f1cca08a6e32da3a67eae9322cf288166e885d8ec
Astalavista Security Newsletter - Issue 25 - Featured articles include - Organizational training and today's threatscape and Fortifying your browser even more! - as well as an interview with Johnny Long, johnny.ihackstuff.com.
8cd6365a270fa93bd8df9cfd9bc3d8933f26d4ba288c2fb12d51ccfa3459b29d
Astalavista Security Newsletter - Issue 24 - Featured articles include - Breaking through security myths Part 2 and Threats posed by P2P software - as well as an interview with Vladimir, 3APA3A, Security.nnov.ru.
830e18d4705ce26f1e041603177586529d43b14cb082943724f2c19567a29fc7