.:[ packet storm ]:.
                         
all things security
all things security

 Section:  .. / papers / general  /

Page 1 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 1 - 25 of 264
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: 022805.txt
Description:
This paper describes several techniques for exposing file contents using the site search functionality. It is assumed that a site contains documents which are not visible/accessible to external users. Such documents are typically future PR items, or future security advisories, uploaded to the website beforehand. However, the site is also searchable via an internal search facility, which does have access to those documents, and as such, they are indexed by it not via web crawling, but rather, via direct access to the files. Therein lies the security breach.
Author:Amit Klein
Homepage:http://webappsec.org/
File Size:25702
Last Modified:Feb 28 19:15:11 2005
MD5 Checksum:87eb98b564a55d22d12c7b83e9641965

 ///  File Name: 041607.html
Description:
The Web Application Security Consortium is proud to present 'The Importance of Application Classification in Secure Application Development'.
Author:Rohit Sethi
Homepage:http://www.webappsec.org/
File Size:44216
Last Modified:Apr 18 20:40:46 2007
MD5 Checksum:067f062ee0605f2c9e32f8a6614d533c

 ///  File Name: 050819-securing-mac-os-x-tiger.pdf
Description:
Corsaire (www.corsaire.com/white-papers/) has released a fully updated version of their guide to securing Mac OS X to cover the new security features offered by Mac OS X 10.4 Tiger (such as ACLs) as well as incorporating additional security guidelines that were omitted in the original (10.3) guide.
Author:Stephen de Vries
Homepage:http://www.corsaire.com/white-papers/
File Size:751834
Last Modified:Aug 26 00:55:07 2005
MD5 Checksum:021cca9d23a8be3656a5f08e6bc300ec

 ///  File Name: 2004_11.txt
Description:
Electronic Frontier Foundation Media Release - Presidential Votes Miscast on E-voting Machines Across the Country. Voters from at least half a dozen states reported that touch-screen voting machines had incorrectly recorded their choices, including for president.
Author:Cindy Cohn,Matt Zimmerman
Homepage:http://www.eff.org/news/archives/2004_11.php#002062
File Size:3620
Last Modified:Nov 4 22:43:21 2004
MD5 Checksum:801f5c3f4e63747cba6eb681b9c7e8f4

 ///  File Name: 3Steps.rar
Description:
Whitepaper called From Win32 User-Land through Native API to Kernel. Includes demonstration code.
Author:cross
Homepage:http://x1machine.com/
File Size:425458
Last Modified:Mar 30 15:46:13 2009
MD5 Checksum:2850b46fa8d6679464eb53efefc006a9

 ///  File Name: A_Modular_Approach_to_Data_Validati..>
Description:
This paper presents a modular approach to performing thorough data validation in modern web applications so that the benefits of modular component based design; extensibility, portability and re-use can be released. The paper begins with an explanation of the vulnerabilities introduced through poor validation and then goes on to discuss the merits of a number of common data validation methodologies. A modular approach is introduced together with practical examples of how to implement such a scheme in a web application. It also provides information on common attack vectors, principles of validation, a modular solution and implementation of that solution.
Author:Stephen de Vries
Homepage:http://www.corsaire.com/
File Size:382808
Last Modified:Apr 12 14:59:25 2006
MD5 Checksum:a0b2f3ac1b5d56c1eb5b580c14a11f16

 ///  File Name: abc.pdf
Description:
This White Paper gives an introduction to computer security and its significance for businesses, followed by an alphabetical guide to common security measures and threats.
Author:Paul Ducklin
Homepage:http://www.sophos.com
File Size:99449
Last Modified:Oct 1 17:22:48 1999
MD5 Checksum:234140dc38979cbe235a915f9e495f15

 ///  File Name: acros.txt
Description:
CaIRA: Computer and Internet-Related Acronyms. 1,725 acronyms and abbreviations with definitions and explanations. Includes a listing of all internet country abbreviations.
Author:Raven
Homepage:http://blacksun.box.sk
File Size:119341
Last Modified:Feb 3 11:35:16 2000
MD5 Checksum:81861a7a8afc090fb589e09620587a27

 ///  File Name: address-spoof.txt
Description:
Address Bar Spoofing Attacks Against Microsoft Internet Explorer 6. Due to formatting issues when sent , additional notes regarding the attacks are appended.
Author:Amit Klein
Homepage:http://www.trusteer.com/
File Size:15579
Last Modified:Oct 27 18:38:09 2008
MD5 Checksum:5bf24bf420c7b4f9d6da416472832ec8

 ///  File Name: agents.txt
Description:
The Evolution of Malicious Agents. This paper examines the evolution of malicious agents by analyzing features and limitations of popular viruses, worms, and trojans, detailing the possibility of a new breed of malicious agents currently being developed on the Internet.
Author:Lenny Zeltser
Homepage:http://www.zeltser.com/agents
File Size:48331
Last Modified:May 3 18:20:38 2000
MD5 Checksum:badaef580cc6781fc436d7fe02f5cce9

 ///  File Name: aix-heap.pdf
Description:
Whitepaper entitled 'An Introduction To Heap Overflows On AIX 5.3L'.
Author:David Litchfield
Homepage:http://www.ngssoftware.com/
File Size:114464
Last Modified:Dec 18 04:29:00 2005
MD5 Checksum:bcf9344092dd57cbf7b7b2315c717e60

 ///  File Name: Altering_ARP_Tables_v_1.00.htm
Description:
Altering ARP Tables v1.00 - This paper is dedicated to ARP tables and how to alter them remotely. Includes a couple of implementations of ARP poisoning in a bridge based segment and a couple of ways to protect yourself.
Author:Data Wizard
File Size:22573
Last Modified:Sep 7 23:03:45 2001
MD5 Checksum:2cddda46bc0102cac912313b0b33cd68

 ///  File Name: Analogy_of_Popups.pdf
Description:
Whitepaper entitled The Analogy Of Third Party Pop Up Attacks.
Author:Aditya K Sood
Homepage:http://www.secniche.org/
File Size:658847
Last Modified:Sep 1 00:03:26 2007
MD5 Checksum:ff85ed95030c4fded1fed95ced753047

 ///  File Name: AnonMoney.zip
Description:
An interesting paper on using the TOR network to anonymously collect funds with eGold.
Author:Mr Babs
File Size:27881
Last Modified:Apr 28 12:47:57 2006
MD5 Checksum:dd9e819d06c9b8ad5e1c6d1b4d87ce5c

 ///  File Name: Anti-FraudImageSolutions.pdf
Description:
Whitepaper called Anti-Fraud Image Solutions - The Use Of Distribution Tracing Within Web Content To Identify Counterfeiting Sources.
Author:Gunter Ollmann
Homepage:http://www.technicalinfo.net/
File Size:228134
Last Modified:May 2 22:06:43 2009
MD5 Checksum:2e82b07b0701dbb15cc07e4182ae23a6

 ///  File Name: appOSfingerprint.txt
Description:
Whitepaper entitled Advanced application-level OS fingerprinting: Practical approaches and examples.
Author:Dan Crowley
File Size:12009
Last Modified:Oct 30 13:13:08 2008
MD5 Checksum:ae054f97b0ef7a85c7a4e4e57059587f

 ///  File Name: arpspoofing.pdf
Description:
Short whitepaper discussing the basics of ARP spoofing.
Author:Affix
Homepage:http://ihack.co.uk/
File Size:89641
Last Modified:Jan 12 15:37:14 2009
MD5 Checksum:aabb36931cac90312055efa371921d6f

 ///  File Name: asm-1.tbz
Description:
Project Freedocs Volume 4 - A collection of tutorials regarding asm programming.
Author:Bugghy
Homepage:http://vaida.bogdan.googlepages.com/
File Size:876790
Last Modified:Sep 9 04:11:55 2004
MD5 Checksum:36dbbc1321d22b50c15c4c125e5e506a

 ///  File Name: AveOfAttack.pdf
Description:
A New Avenue of Attack: Event-Driven System Vulnerabilities. This paper gives more technical details to security vulnerabilities in event-driven systems and relates it to Information Warfare.
Author:Simos Xenitellis
Homepage:http://www.isg.rhul.ac.uk/~simos/event_demo/
File Size:51408
Last Modified:Aug 11 19:06:53 2002
MD5 Checksum:f75606876872b209db3c27c173b8f830

 ///  File Name: banking-flaws.pdf
Description:
Whitepaper entitled Internet Banking Flaws In India.
Author:webDEViL
File Size:312348
Last Modified:Nov 4 00:46:42 2008
MD5 Checksum:4f9d8bbb8f81dae1a06b4b258f70a18e

 ///  File Name: bash-history.txt
Description:
Hacking Bash History discusses about why the history mechanism of bash cannot be used as a monitoring/logging facility even with the strictest measures applied to secure it. A section of the text is dedicated to hacking the bash source code to interface it with syslog.
Author:ithilgore
Homepage:http://sock-raw.homeunix.org/
File Size:12765
Last Modified:Dec 8 23:31:00 2008
MD5 Checksum:8e0335cc29bb88eaeb3fa45c767071f3

 ///  File Name: bbpaint.pdf
Description:
Whitepaper describing how ptrace() might be used to build a Control Flow Integrity system.
Author:Sebastian Krahmer
File Size:2150784
Last Modified:Jun 26 23:40:45 2006
MD5 Checksum:b4fc325a07b02849e37e300fd38f2b7f

 ///  File Name: Becoming_a_Hacker_-_Part_1.pdf
Description:
An introductory paper for would-be hackers. It could also prove useful for network admins and hackers that want to improve themselves. Chapters include: The OS, Understanding TCP/IP, Becoming a Hacker, WHOIS Databases, Basic Tracerouting and Path Analysis, Mapping with DNS and Geolocation and more.
Author:Elite Nabukadnezar
File Size:937329
Last Modified:Apr 28 19:58:49 2006
MD5 Checksum:a1f9344215ff0a8ba83d3479fe01d821

 ///  File Name: berferd.ps
Description:
An Evening With Berferd: In Which a Cracker is Lured, Endured, and Studied: A description of how the author kept an attacker ``on the line'' for several months in order to learn his methods.
File Size:81747
Last Modified:Oct 1 17:22:48 1999
MD5 Checksum:5cc030611fec89e1f717d00e76688835

 ///  File Name: binarycode-obfuscate.pdf
Description:
Whitepaper called Applied Binary Code Obfuscation.
Author:George Nicolaou,Glafkos Charalambous
Homepage:http://www.astalavista.com/
File Size:1047830
Last Modified:Jan 22 23:52:25 2009
MD5 Checksum:5ae18ba9c525b0951148610f29b49e25