Dejan Lukan

Dejan Lukan is a security researcher for InfoSec Institute and penetration tester from Slovenia. He is very interested in finding new bugs in real world software products with source code analysis, fuzzing and reverse engineering. He also has a great passion for developing his own simple scripts for security related problems and learning about new hacking techniques. He knows a great deal about programming languages, as he can write in couple of dozen of them. His passion is also Antivirus bypassing techniques, malware research and operating systems, mainly Linux, Windows and BSD. He also has his own blog available here:
Dejan Lukan

What is a Honey Pot? [updated 2021]

Introduction: What is a Honeypot? Honeypots are special programs that are written for one purpose: to be exploited. Honeypots emulate the appearance of a vu

Hacking clients with WPAD (web proxy auto-discovery) protocol [updated 2021]

In this tutorial, we’ll take a look at how we can hack clients in the local network by using WPAD (Web Proxy Auto-Discovery). The WPAD protocol allows automa

PDF file format: Basic structure [updated 2020]

We all know that there are a number of attacks where an attacker includes some shellcode in a PDF document. This shellcode uses some kind of vulnerability in

Hacking PDF: util.prinf() Buffer Overflow: Part 1 [Updated 2019]

1. Introduction One of the first things we need to do is to remove the PDF Reader we currently have installed and reinstall the old version of PDF Reader.[pk

Crack Me Challenge Part 4 [Updated 2019]

First we must take a look at the following piece of code that will be presented in the code segment 5: 004017FC |. B8 40000000 mov eax,40 [pkadzone zone="ma

Writing windows kernel mode driver [Updated 2019]

In this tutorial, we're going to use the Windows Driver Mode (WDM) which provides us greater flexibility than other modes while being harder to use. We'll ta

Hacking PDF: util.prinf() Buffer Overflow: Part 2 [Updated 2019]

For part 1 of this series, click here. 1. Introduction In the previous part we've seen the structure of the PDF document and extracted the JavaScript conta

Gentoo Hardening: Part 4: PaX, RBAC and ClamAV [Updated 2019]

Grsecurity and Xorg If we enable the "Disable privileged I/O" feature in the hardened kernel and reboot, we can't start X server. That's because Xorg uses pr

The basics of IDA pro

IDA Pro is the best disassembler in the business. Although it costs a lot, there's still a free version available. I downloaded IDA Pro 6.2 limited edition,

Reverse engineering tools

First, we're going to describe the process of compiling/assembling a source code to an executable file. This is very important, so we need to understand it w

A guide to installing and using the Nessus vulnerability scanner

Nessus is an automatic vulnerability scanner that can detect most known vulnerabilities, such as misconfiguration, default passwords, unpatched services, etc

Deep Packet Inspection in Cloud Containers

Cloud-Based Applications and Protocols In the previous article, we established that security in cloud-based applications is important and searching for vulne