About the Author:

Dejan Lukan is a security researcher for InfoSec Institute and penetration tester from Slovenia. He is very interested in finding new bugs in real-world software products with source code analysis, fuzzing and reverse engineering. He also has a great passion for developing his own simple scripts for security-related problems and learning about new hacking techniques. He knows a great deal about programming languages, as he can write in a couple of dozen of them. His passion is also antivirus bypassing techniques, malware research and operating systems, mainly Linux, Windows and BSD. He also has his own blog available here: http://www.proteansec.com/.

Hooking System Calls Through MSRs

Download the code associated with this article by filling out the form below.

In this article we presented the details of using the sysenter instruction to call from user-mode to […]

Hooking IDT

Download the code associated with this article by filling out the form below.

Once we’ve already gained access to the system, we can use various post-mortem attack vectors to […]

Building Cryptographically Secure Cloud Applications

1. Introduction to the Problem
Crypton is an open-source project provided by SpiderOak with the purpose of solving privacy and security problems through cloud applications. Before introducing the solution, we […]

Kernel Debugging with Qemu and WinDbg

If you’ve used WinDbg before, you might already know that you can debug the whole Windows operating system with it. To do that, you must have two Windows operating […]

Shared Folders with Samba and Qemu

In this tutorial we’ll take a look at how we can install and configure the Samba server on a host operating system to create a shared folder, which the […]

OpenVPN

Introduction

In this tutorial we’ll talk about OpenVPN client connection settings, which come in handy when the connection to the OpenVPN server does not work. We’ll be using GopenVPN GUI […]

Securing Cloud-Based Applications with Docker

Introduction to Docker
In this article, we’ll first introduce Docker and try to explain how it works. After setting the stage, we’ll simulate the file upload vulnerability by copying the […]

What is a Honey Pot?

1. Introduction

Honeypots are special programs that are written for a sole purpose: to be exploited. Honeypots can emulate the existence of the vulnerability, so the attackers, viruses and worms […]

OSSEC

Introduction

In this article we’ll present the open source host-based intrusion detection system, which is needed if we would like to detect host-based attacks on our computer. First of all, […]

Cloud Forensics: An Overview

Introduction

When discussing cloud forensics, we’re actually talking about the intersection between cloud computing and network forensic analysis. Cloud computing basically refers to a network service that we can interact with […]

QEMU Windows Guest: Bridged Networking

Bridged networking can be used when we want our guest virtual machine to get the IP address from our router and be able to see the host and all […]

QEMU Windows Guest: Networking

There are different kinds of backend networks that we can use with QEMU. In order to specify the backend network, we need to use the -netdev command-line option. This […]

QEMU Windows Guest: Installing the Operating System

Now that we’ve created the image for our guest, we must continue with installing the operating system on it. In Virtualbox/VMWare, we usually select the CD-ROM to boot from […]

Qemu Windows Guest: Introduction

In this article we’ll present how we can use Qemu instead of Virtualbox/VMWare. Those products are all great, but sometimes we would just like to use something a little […]

Gentoo Hardening: Part 4: PaX, RBAC and ClamAV

Grsecurity and Xorg

If we enable the “Disable privileged I/O” feature in the hardened kernel and reboot, we can’t start the X server. That’s because Xorg uses privileged I/O operations. We […]

Gentoo Hardening: Part 3: Using Checksec

Checksec

The checksec.sh file is a Bash script used to verify which PaX security features are enabled. The latest version can be downloaded with the wget command:

Let’s take a look […]

Gentoo Hardening: Part 2: Introduction to PaX and Grsecurity

Configuring PaX with Grsecurity

We’ve already briefly discussed PaX, but now it’s time to describe it in detail. PaX provides the following security enhancements:

Non-executable memory: Sections that do not contain […]

Gentoo Hardening Part 1: Introduction to Hardened Profile

Introduction

In this tutorial, we’ll talk about how to harden a Linux system to make it more secure. We’ll specifically use Gentoo Linux, but the concepts should be fairly similar […]

Pin: Dynamic Binary Instrumentation Framework

Introduction

Pin is a DBI framework for IA-32 and x86-64 architectures, which can be used for dynamic analysis of a binary program at run time. When using the Pin framework to […]

Linux Kernel Development Process

Introduction

When I was listening to the question and answer session at LinuxCon, there was some interesting discussion going on: some of the latest news information is Linus Torvalds’s joke […]