About the Author:

Dejan Lukan is a security researcher for InfoSec Institute and penetration tester from Slovenia. He is very interested in finding new bugs in real-world software products with source code analysis, fuzzing and reverse engineering. He also has a great passion for developing his own simple scripts for security-related problems and learning about new hacking techniques. He knows a great deal about programming languages, as he can write in a couple of dozen of them. He is also passionate about antivirus bypassing techniques, malware research and operating systems, mainly Linux, Windows and BSD. He also has his own blog, available here: http://www.proteansec.com/.

Secure Backup Concepts in a Private Cloud

1. Introduction
Creating a backup procedure is a very important aspect for a company, because a loss of data can result in great damage to the company, possibly even a […]

Xplico

Downloading Xplico
In this article we’ll present Xplico, which is a network forensics tool installed in major digital forensics Linux distributions like Kali, Backtrack, Security Onion, DEFT, etc. In this […]

Shellcode Detection and Emulation with Libemu

Introduction
Libemu is a library which can be used for x86 emulation and shellcode detection. Libemu can be used in IDS/IPS/Honeypot systems for emulating the x86 shellcode, which can be […]

iSCSI Security Considerations in the Cloud

Introduction to SCSI
The SCSI (Small Computer System Interface) defines a way to exchange data between a computer and its peripheral devices, like a hard drive, a tape drive, a […]

Pafish (Paranoid Fish)

Introduction

In this tutorial we’ll take a look at the Pafish tool, which performs anti-debugger/VM/sandbox tricks to detect whether the malware is being executed in a debugger, in a […]

Hacking Clients with WPAD (Web Proxy Auto-Discovery) Protocol

Introduction

In this tutorial, we’ll take a look at how we can hack clients in a local network by using WPAD (Web Proxy Auto-Discovery). The WPAD protocol allows automatic discovery of […]

Domain Generation Algorithm (DGA)

Introduction

We all know there has been (and still is) a lot of malware lurking around the Internet. It’s quite usual today that once the victims get infected, they call […]

Obtaining Information from Dumping Memory

Introduction

In this article, I’ll examine whether it’s possible to get access to passwords lying around in memory on a fully patched Linux x64 operating system. First, it’s not […]

Virtual DMZs in the Cloud

Introduction

A DMZ (demilitarized zone) is primarily used to separate the network into multiple blocks to enhance security. The name is derived from the same term used to define an […]

Building a Secure API in a Cloud Environment

Introduction

In the last couple of years there has been a boom in cloud computing, but mainly just the term is new, as we’ve been using cloud services for years […]

Virtualization and Cloud Computing

In cloud computing, there are a number of components used to build the cloud infrastructure. At the lowest layer there are actual hardware components like servers, network-attached storage […]

Hooking the System Service Dispatch Table (SSDT)

Introduction
In this article we’ll present how we can hook the System Service Dispatch Table, but first we have to establish what the SSDT actually is and how it is […]

Hooking System Calls Through MSRs

In this article we presented the details of using the sysenter instruction to call from user-mode to […]

Hooking IDT

Once we’ve already gained access to the system, we can use various post-mortem attack vectors to […]

Building Cryptographically Secure Cloud Applications

1. Introduction to the Problem
Crypton is an open-source project provided by SpiderOak with the purpose of solving privacy and security problems through cloud applications. Before introducing the solution, we […]

Kernel Debugging with Qemu and WinDbg

If you’ve used WinDbg before, you might already know that you can debug the whole Windows operating system with it. To do that, you must have two Windows operating […]

Shared Folders with Samba and Qemu

In this tutorial we’ll take a look at how we can install and configure the Samba server on a host operating system to create a shared folder, which the […]

OpenVPN

Introduction

In this tutorial we’ll talk about OpenVPN client connection settings, which come in handy when the connection to the OpenVPN server does not work. We’ll be using GopenVPN GUI […]

Securing Cloud-Based Applications with Docker

Introduction to Docker
In this article, we’ll first introduce Docker and try to explain how it works. After setting the stage, we’ll simulate the file upload vulnerability by copying the […]

What is a Honey Pot?

1. Introduction

Honeypots are special programs that are written for a sole purpose: to be exploited. Honeypots can emulate the existence of a vulnerability, so the attackers, viruses and worms […]