Resources

Techniques

  • 5 Tips to Ensure Safe Penetration Tests with Metasploit – community.rapid7.com

    In my warped view of the world, vulnerabilities are APIs that weren’t entirely intended by the developer. They hey are also undocumented and unsupported. Some of these vulnerabilities are exploited more reliably than others, and there are essentially three vectors to rank them.

  • Exploiting and mitigating Java exploits in Internet Explorer – greyhathacker.net

    This year we’ve seen a number of 0 day Java exploits surfacing and various mitigating steps mentioned in various sites that could be taken to prevent us from being compromised. A lot of these mitigating steps vary from each other so when it comes to mitigate Java in Internet Explorer it adds doubt to which is the best mitigation steps to follow.

  • Defeating Windows 8 ROP Mitigation – c0decstuff.blogspot.com.es

    Windows 8 introduced a number of exploit mitigation features, including hardening of both the userland and kernel heaps, mitigation against kernel-mode NULL pointer dereferences, and protection against abuse of virtual function pointer tables.

Vulnerabilities

Other News

  • Security Researcher Compromises Cisco VoIP Phones With Vulnerability – darkreading.com

    Grad student demonstrates how phones can be turned into listening devices by attackers

  • And we’re back… – passing-the-hash.blogspot.com

    Sorry folks for the delay in getting the blog updated. I’d meant to get back to the blog sooner, but I was on the road for a month, then I was trying to finish stuff up at work, then $excuse

    [0] and then $excuse[1] and then $excuse[$i++] …
  • Hacker Of The Stars Gets 10 Years In Prison – forbes.com

    How did Chaney get himself into so much trouble? Well, he admitted that from at least November 2010 to October 2011, he hacked into the e-mail accounts of some 50 folks.