It can take an organization several years to build out an information security infrastructure capable of providing them with sufficient protection. This is especially true of small to medium sized companies, who usually have to work within tighter financial constraints, and all too often are reluctant to add additional […]
The talks on Defcon day 2 were scheduled to begin at 10 am. I reached the venue at 8:30 am and decided to use the time to buy some Defcon merchandise. The lines for the merchandise are usually very long, but they weren’t at that time of the day.
This article will discuss the talks and events that happened on Defcon day 1.
Venue: Rio Hotel and Casino
We reached Rio Hotel at around 8 am. We thought we did good on time until a nice gentleman came to us and said “It’s a 3 hour long line guys […]
Why do websites get hacked? Websites get hacked for a bunch of different reasons:
To plant hidden links to other sites in an attempt to game search engines and raise those sites’ rankings
To plant spyware on your site that will infect your visitors and take over their computers, to make […]
Two things made me write this article. The first was a conversation with a friend of mine, Luigi (Thanks Luigi!) The second was a conversation I had with a woman last night. She disagreed with the idea that a person’s entire life can be invaded and called me crazy. […]
WordPress is one of the most popular open source web applications used by major Fortune 500 companies as well as many independent websites and blogs. Like many web applications, WordPress stores user accounts in a MySQL database, including administrative user accounts with their associated password hashes. A closer inspection […]
Tony Busseri is the CEO of Route1. He leads the management team in executing Route1’s strategic vision. Mr. Busseri is an entrepreneurial executive with a track record of producing results and shareholder value. He is committed to delivering Route1 solutions to customers and advancing excellence in the organization.
Mr. Busseri […]
Charles Weaver is the co-founder and CEO of the MSPAlliance. In addition to running the daily operations of the association, he writes and speaks extensively around the world on issues and topics related to the managed services industry.
Prior to founding the MSPAlliance, Mr. Weaver was an editor for […]
IBM Rational Appscan is one of the most widely used tools in the arena of web application penetration testing. It is a desktop application that helps security professionals automate the process of vulnerability assessments. This article focuses on configuring and starting a scan using Appscan. Analysing the scan […]
Network Mapper (Nmap) is a network scanning and host detection tool that is very useful during several steps of penetration testing. Nmap is not limited to merely gathering information and enumeration; it is also a powerful utility that can be used as a vulnerability detector or a security scanner. […]
1. Sulley Fuzzing Framework
Sulley is a Python fuzzing framework that can be used to fuzz file formats, network protocols, command line arguments, and other code. In this three-part series, we’ll learn how to fuzz a threaded TCP server application called Vulnserver using the Sulley fuzzing framework. In this first article, […]
This tutorial focuses on how to crack Wi-Fi networks that are insecurely Wi-Fi. I am using an external Wi-Fi card (AWUS036H 802.11 b/g 5db), which is quite popular among Wi-Fi hackers, and it will cost you around $20-$35 USD. The major advantages of using this ALFA card are […]
Virtualization brings significant value to business managers and engineers attempting to keep pace with business pressure for additional servers. It enables maximum use of hardware resources while introducing an increased flexibility in how organizations design and implement new solutions. However, it also introduces new security concerns. Until recently, organizations […]
This article will provide readers with an introduction to the statistical and dynamic analysis of code. However, before proceeding to analysis, we must first understand the concept of agile methodologies for code development. To begin, we’ll start with an exploration of agile/scrum methodology and how it plays into the […]
Topics related to Internet censorship have been debated frequently in the last few years. The main purpose of most Internet censorship actions is to deny access to certain information on the web. This information can be censored throughout the world, or in some cases, can be limited to certain […]
Information security and hacking conferences or gatherings are awesome events where you can hang out with cool people, a good environment where you can listen to topics related to computer security and security research, and play challenging games like Capture the Flag (CTF), Hacker Jeopardy, Wireless Cracking and other […]
In this article, I will explain WebDAV application DLL hijacking exploitation using our all-time favorite, Metasploit. Here we will cover the module which has a directory of file extensions that can lead to code execution. This module presents a directory of file extensions that can lead to code […]