877.791.9571 |

Monthly Archives: December 2010

Stuxnet Worm Revealed – Installation, Injection and Mitigation

In the videos below, Joel Langill deconstructs each part of the worm to show it in action. In the second video you’ll see the best practices that InfoSec Institute uses (we have a training course dedicated to SCADA control systems which includes a robust Stuxnet lab) to mitigate this […]

By |December 16th, 2010|SCADA|1 Comment

Fuzzer Automation with SPIKE

This is continued from the previously posted Introduction to Fuzzing article.

Automating the SPIKE Fuzzing of Vulnserver

What we need is a way to send multiple SPIKES, one after the other, while recording enough detail for us to see what is being sent, and for our fuzzing process to stop when […]

An Introduction to Fuzzing: Using fuzzers (SPIKE) to find vulnerabilities

This article discusses the process of fuzzing an application to find exploitable bugs. Vulnserver, a TCP server application deliberately written by Stephen Bradshaw to contain security vulnerabilities, will be used as the fuzzing target. The fuzzer creation kit SPIKE will be used to perform the fuzzing. SPIKE scripting and […]