877.791.9571 |

About the Author:

Dejan Lukan is a security researcher for InfoSec Institute and penetration tester from Slovenia. He is very interested in finding new bugs in real world software products with source code analysis, fuzzing and reverse engineering. He also has a great passion for developing his own simple scripts for security related problems and learning about new hacking techniques. He knows a great deal about programming languages, as he can write in couple of dozen of them. His passion is also Antivirus bypassing techniques, malware research and operating systems, mainly Linux, Windows and BSD. He also has his own blog available here: http://www.proteansec.com/.

Hacking PDF: util.prinf() Buffer Overflow: Part 1

1. Introduction

One of the first things we need to do is to remove the PDF Reader we currently have installed and reinstall the old version of PDF Reader.

The old […]


Apache JMeter Part 4: Testing the Throughput and Performance of InfoSec Institute

For part 3 of this series, click here.

1. Testing the Throughput of InfoSec Institute

1.1. Running the JMeter

When everything is set-up all that is left for us to do is […]


Apache JMeter Part 3: Testing Website Performance

1. Summary

We’ve already described most of JMeter in part 1 and part 2, but let’s summarize what we’ve learned so far. We’ve seen that JMeter consists of the following […]


Apache JMeter: Part 2


For Part 1 of this series, please click here.

1. Test Plan Elements

Up until now we haven’t said anything about how to actually do something useful with JMeter, but it’s […]


Apache JMeter: Part 1

1. Introduction

Apache JMeter is a program that can test the performance of various servers. It natively supports the following protocols:

JDBC (needs appropriate JDBC driver)

Besides those, JMeter also has a […]


Blacklists and Fast Flux Domains

Blacklists and Fast Flux Domains

1. Blacklists

Several web pages that maintain blacklists exist these days. These web pages maintain IP addresses and domains that are believed to be malicious, but […]


DNS Cache Snooping

1. Introduction

DNS or name servers are servers that resolve a hostname to their IP representation. There are numerous DNS servers out there, all of which resolve specific domains, but […]


Open Source Antivirus: ClamAV

1. Introduction

We all know that checking downloaded files for virus signatures should be a mandatory thing to do nowadays because of all the malware existing in the world. ClamAV […]


Reverse Engineering Tools

1. Introduction

First, we’re going to describe the process of compiling/assembling a source code to an executable file. This is very important, so we need to understand it when reverse […]


Fuzzing Vulnserver with Sulley: Part 3

1. Introduction

Vulnserver is a vulnerable server written by Stephen Bradshaw whose blog is located here: grey-corner. This server was written intentionally to be vulnerable, so we can learn fuzzing […]

Computer security concept.

Fuzzing Vulnserver with Peach: Part 2

1. Introduction

The vulnserver.exe server is a vulnerable server that was written specifically for fuzing purposes. Therefore the software intentionally contains vulnerabilities that we can exploit to gain control over […]


Fuzzing Vulnserver: Discovering Vulnerable Commands: Part 1

1. Introduction

Vulnserver is a Windows TCP server running on port 9999. It was written by Stephen Bradshaw whose blog is located here. The server was intentionally written to be […]


Linux TPM Encryption: Initializing and Using the TPM

1. Initializing the TPM

To secure our data we must first initialize the TPM. What we’re actually doing is changing the settings of the hardware TPM chip module on the […]


Packet Filtering

1. Packet Filtering Introduction

This tutorial will talk about packet filtering. First we must define what packet filtering is. Packet filtering is a process of allowing or blocking packets at […]


Security Categories

1. Introduction

I’ve been a security enthusiast for years now, and currently I’m working as a security penetration tester. Over the years it has happened that I’ve heard about a […]


Linux TPM Encryption: Enabling TPM in BIOS and Kernel

1. Introduction

The TPM stands for the Trusted Platform Module, which is a secure microprocessor that can store cryptographic keys that are further used to encrypt/decrypt data.

The following picture is […]


How to Use Iptables

1. Introduction

First we must mention that iptables is a Linux kernel firewall, which is why we can categorize it with the picture below:

The picture is presented so we can […]


The Browser Exploitation Framework (BeEF) – Part 2

The first article in this series can be found here: The Browser Exploitation Framework (BeEF) – Part 1.
1. Using the Modules

In this section we’ll describe all the available modules […]


The Browser Exploitation Framework (BeEF) – Part 1

1. Introduction

We can categorize the BeEF social engineering framework as shown in the picture below:

We can read more about the mentioned frameworks, namely: SET (Social Engineering Framework), BeEF, Honeyd […]


Crack Me Challenge: Final Edition

You can find the rest of the Crackme Challenge series here.

Part 6

The code for logical segment 6 is as follows:

0040181F |. B9 10000000 mov ecx,10
00401824 |. 8DB424 C0000000 lea […]