Article Archive

In our ongoing series of interviews, this week Dave Aitel answered a few questions and pulled back the curtain a bit on the methods, tools and motivation for...

As exam time approaches, everyone feels anxious about whether they’re ready to take the exam and to pass and thus to receive the CISSP certification.  For...

All seemed well with backup operations at my company, until I got a visit from an operations center engineer.  The lock already hanging open, he was holding...

Securing software has always been an issue. Whether it be web, desktop or server applications, insecure coding practices can result in substantial data loss...

The recent Application Security Europe conference (www.appseceu.org) was one of the better conferences I have had the pleasure to attend. The talks were interesting...

In these two videos, we will demonstrate how to write an exploit of the Structured Exception Handler. The video assumes you already understand how SEH and exploits...

In this video we will demonstrate how to crack WPA2 using the Airmon-ng suite. We will do it by: Identifying an access point Capturing traffic from that...

In this video, we will demonstrate the adobe_utilprintf exploit. We will show how to set up a PDF within Metasploit that will deliver an exploit via an HTML...

Several people have asked for an IT Audit Program Template for an audit based on the ISO/IEC 27002:2005(E) security standard.  This template, which can be...

Part Two in a multi-part series on holistic, multi-disciplinary analysis and reversing. You can read part one of this series here. The last post, "Mutex Analysis:...