877.791.9571 |

About the Author:

Dejan Lukan is a security researcher for InfoSec Institute and penetration tester from Slovenia. He is very interested in finding new bugs in real world software products with source code analysis, fuzzing and reverse engineering. He also has a great passion for developing his own simple scripts for security related problems and learning about new hacking techniques. He knows a great deal about programming languages, as he can write in couple of dozen of them. His passion is also Antivirus bypassing techniques, malware research and operating systems, mainly Linux, Windows and BSD. He also has his own blog available here: http://www.proteansec.com/.

How to Use Iptables

1. Introduction

First we must mention that iptables is a Linux kernel firewall, which is why we can categorize it with the picture below:

The picture is presented so we can […]


The Browser Exploitation Framework (BeEF) – Part 2

The first article in this series can be found here: The Browser Exploitation Framework (BeEF) – Part 1.
1. Using the Modules

In this section we’ll describe all the available modules […]


The Browser Exploitation Framework (BeEF) – Part 1

1. Introduction

We can categorize the BeEF social engineering framework as shown in the picture below:

We can read more about the mentioned frameworks, namely: SET (Social Engineering Framework), BeEF, Honeyd […]


Crack Me Challenge: Final Edition

You can find the rest of the Crackme Challenge series here.

Part 6

The code for logical segment 6 is as follows:

0040181F |. B9 10000000 mov ecx,10
00401824 |. 8DB424 C0000000 lea […]


CrackMe Challenge Part 5: Logical Code Segments Continued

CrackMe Part 5: Logical Code Segments Continued
The code in logical code segment 4 additionally changes the stack at address . The code is presented here:

004017E5 |. B8 3F000000 mov […]


Crack Me Challenge Part 4

First we must take a look at the following piece of code that will be presented in the code segment 5:

004017FC |. B8 40000000 mov eax,40

00401801 |. 33C9 xor […]


WordPress Security

1. Introduction

There are numerous tools available when checking the security of the WordPress Content Management System (CMS). In the rest of the article we’ll mention the WPScan tool, which […]


CrackMe Challenge Part 3: The Logic Behind the First Challenge

If we take our predicate that we’ve seen in the end of part 2 into account and input at least 64 bytes (0×40) into the Key 1 field and […]


CrackMe Challenge Part 2

The First Message Box

Let’s start our unpacked program with OllyDbg, run it, input eight A’s into the Name and Key 1 field and press CHECK STAGE 1. What happens […]


ESET Rule the Code – CrackMe Challenge Part 1: The Unpacking Process

1. Presenting the Problem

The CrackMe challenge was first observed on the ESET CrackMe web page, which looked like the the picture below:

On the web page we can observe that […]


Vulnerable Applications


How often have we found ourselves in need of a vulnerable application, which we could use for various purposes? We could use such applications to test the web application […]

Nessus 5.0.1 -  Vulnerability scanner


Nessus is an automatic vulnerability scanner that can detect most known vulnerabilities, such as misconfiguration, default passwords, unpatched services, etc.

From the following picture, we can see that Nessus can […]


Achieving Anonymity with Tor Part 5: Tor Bridges and Hidden Services

1. Introduction to Tor Bridging

Running a Tor bridge is essentially the same as running a Tor relay, as far as configuration is concerned. We already mentioned that the only […]


Achieving Anonymity with Tor Part 4: Tor Relays

1. Introduction

We’ve seen that Tor network is constituted from Tor nodes, through which we tunnel our traffic to reach anonymity. So far we didn’t bother with terminology, because it […]


Achieving Anonymity with Tor Part 3: Torbutton and Tsocks

1. Introduction

In previous articles: Part 1 and Part 2 we extensively used the Tor Browser Bundle that helps us ensure our anonymity. With the Tor Browser Bundle, we can […]


Achieving Anonymity with Tor Part 2: Proxies and DNS servers

1. Using Burp with Tor

So far we’ve looked at how to set up our web browser to use Privoxy, which in turn uses Tor to achieve anonymity on the […]


Achieving Anonymity with Tor Part 1

We all know that Tor enables us to be anonymous on the Internet. In this article we’ll look at how to achieve this and truly know what we’re up […]


Sulley Fuzzing Framework Intro

1. Sulley Fuzzing Framework

Sulley is python fuzzing framework that can be used to fuzz file formats, network protocols, command line arguments, and other codes. In this three-part series, we’ll […]