About the Author:

Dejan Lukan is a security researcher for InfoSec Institute and a penetration tester from Slovenia. He is very interested in finding new bugs in real-world software products through source code analysis, fuzzing and reverse engineering. He also has a great passion for developing his own simple scripts for security-related problems and learning about new hacking techniques. He knows a great deal about programming languages, as he can write in a couple of dozen of them. His passions also include antivirus bypassing techniques, malware research and operating systems, mainly Linux, Windows and BSD. He also has his own blog, available here: http://www.proteansec.com/.

IDA Functions

IDA is a very good disassembler and its automatic analysis upon loading the executable is quite intense and useful, but nevertheless, it can’t always be right. Sometimes we need […]

IDA: Cross References / Xrefs

Cross references can help us determine where certain functions were called from, which can be useful for a number of reasons. Let’s say that we found the function we’re […]

NMAP Scripting Example

1. Nmap API

When writing Nmap NSE scripts, we of course need to have a way to talk to the Nmap API, which provides us with various advanced features so […]

NMAP Scripting Engine and Categories

1. Introduction

We all know what Nmap is and what we can do with it, but for those of you who don’t, here’s a short overview. Nmap is an open […]

Yara – Rule-based malware detection and analysis

1. Introduction

Yara is a tool that helps us identify and classify malware samples by the use of rules. We can use Yara to classify files or running processes […]

Hello World: C, Assembly, Object File and Executable

Introduction

Summary: In this article we’ll take a look at the C program that prints “Hello World!” to the screen, which we’ll assemble and compile. Then we’ll compare the results […]

Pen Testing Domain Controllers

Introduction

When performing a penetration test, we’re constantly stumbling upon various servers that support domain logins into the customer’s network. We’re allowed to log in if we know the username and […]

Sniffing Network Traffic on Android

Introduction

There has been a lot of talk about how to connect your laptop through the Android network and use the bandwidth that you’re already paying for. Usually, this requires […]

Reverse-Engineering Arrays

Introduction

Whenever we would like to reverse-engineer a function, we need to know exactly how the function is being called: its calling convention, number of parameters, parameter types, parameter values, […]

Reverse Engineering Structures

Introduction

In this part of the tutorial, we’ll take a look at how we can figure out a structure when reverse engineering a binary. First, we must write a C++ […]

Google Hacking with GGGoogleScan

When scraping the Google search engine, we need to be careful so that Google doesn’t detect our automated tool as a bot, which will redirect us to a captcha […]

The Basics of IDA Pro

1. Introduction

IDA Pro is the best disassembler in the business. Although it costs a lot, there’s still a free version available. I downloaded IDA Pro 6.2 limited edition, which […]

Calling Conventions

Introduction

Calling conventions are used by all programs without the user even realizing it. But before saying more about them, we must first make sure we understand what happens when […]

Android and Java Native Interface

Java Native Interface (JNI)

JNI is a native programming interface supported by Java and is part of the Java SDK. With JNI, we can write code in other languages like […]

Using Sandboxes For Hostile Program Analysis

Sandboxes

Introduction

If you’re reading this article, you have probably heard of a sandbox before. But, in case you haven’t, I’ll provide a quick explanation of what a sandbox really is. […]

Analysis of Malware Samples with the Immunity Debugger API

Introduction

Immunity Debugger is a debugger which is very much like Ollydbg. In this tutorial we’ll present the Python API that Immunity Debugger uses for writing the plugins. Ollydbg has […]

API Hooking with Microsoft Detours

Introduction

Microsoft Detours is a library which we can use to build our own DLL that serves as an API monitor when analyzing the results. The best thing about it […]

Web Vulnerabilities Explained

Introduction

We all know that vulnerabilities in web pages are quite common these days. They range from SQL injections, XSS vulnerabilities, CSRF, etc. In this article we’ll provide basic examples […]

WordPress Plugin Vulnerabilities: From a Developer’s Point of View

1. Introduction

We all know the prevalence of the WordPress blogging system and its share of vulnerabilities in the core system alone over the years. If not, we can take […]

Getting Domain Information

1. Introduction

When analyzing malware we can gather a lot of information just by identifying the IP addresses and domains the malware uses. Most malware programs use DNS […]