Hacking (21)

Children categories

Exploit development (10)

Think of exploits as the bullets in hackers’ artillery. All the tools in a hacker’s arsenal and all of a hacker’s actions would be pointless without exploits. In simple words, an exploit is data designed to make a target perform a malicious action that the target was not designed to perform. Hackers find a bug in software (or hardware), use that bug to build an exploit, and then take control of the system or perform other actions by running the exploit. Running the exploit simply means sending the crafted data to the software.

This category concentrates on buffer overflow exploits. Buffer overflow exploits make use of a special type of software bug and are the most devastating type of hacker weapon. The introduction to buffer overflow exploit development teaches all you need for the other advanced materials in the exploitation area.

Most of the materials found in this category are adapted from The Art of Exploitation, A Guide to Kernel Exploitation and The Shellcoder’s Handbook. If you want to become a “REAL” hacker, I strongly recommend you read these books.

Rootkit development (6)

In this category, rootkit technologies are discussed. Most of the material is based on the book Professional Rootkits by Ric Vieler, published by Wiley. Most of the source code is the same as the original source code in this book, apart from the comments and minor customization. A rootkit is basically a driver, so we first build a driver and then add hooking, keylogging and concealment functionality. Please read our introduction article first to understand how to compile, load and start the rootkit. After that you can read the other articles in any order you want. While reading the articles, do not try to compile the code you see: it is intended to convey the knowledge, so it omits details. At the beginning or the end of each article there is a link to download the rootkit source code together with a compiled version.

Latest Articles

Man in the Middle Attacks

Thursday, 22 September 2016 00:00
Man in the Middle (MitM) attacks (this article is based on a laboratory presented in the Network Security course at the University of Trento, winter 2016) are attacks in which an adversary is able to intercept, manipulate, and/or forge network traffic between two communication partners due to his…

Next generation rootkits | shimming based shellcodes

Sunday, 06 March 2016 00:00
In my personal opinion, one of the best briefings at Black Hat Europe last year was Sean’s work about shims. In a nutshell, shims in Microsoft operating systems are for fast patching. For years nobody knew about their power for hacking until Mark Baggett…

Hacking Team Word 2013 exploit analysis

Tuesday, 01 March 2016 00:00
In this study (PDF), a Hacking Team exploit affecting Microsoft Office 2007, 2010 and 2013 has been assessed. The exploit itself leverages the capability of Microsoft Word to render Shockwave Flash files and exploits a vulnerability of Internet Explorer ActiveX. Our reverse engineering of…

Kernel exploit vs user-land exploitation

Monday, 13 July 2015 00:00
Kernel exploits are used for privilege escalation, whereas user-land exploits aim to access a system and execute an arbitrary command. The privilege of the spawned shell or executed command depends entirely on the privilege of the target vulnerable application and in a hardened environment…

Popular Articles

Rootkit concealment part 1: Rootkit concealment is really a broad…
Rootkit concealment part 2: In my previous article: Rootkit concealment…
Keylogger Source Code: Spyware is a type of malware that…
Kernel hooks | Kernel Hacking: Modifying an OS’s API functionality…

Privilege escalation shellcode

Monday, 13 July 2015 00:00
The shellcodes of a kernel exploit and a user-land exploit are different in nature. The former is used for privilege escalation, while the latter probably just steals the execution flow to the attacker’s advantage. Remote kernel exploit shellcode shares the characteristics of both worlds, i.e. they…

X86 useful Assembly instructions and registers for hacking

Monday, 13 July 2015 00:00
We can say x86 is the most common architecture among users. For hacking and exploitation, there is a lot of juicy information that can be found just by reading registers. Also, from an exploit writer’s point of view, there are interesting instructions in…

Fast and easy hacking tricks using google

Monday, 13 July 2015 00:00
I wrote dozens of technical articles and tutorials explaining bits and bobs of hacking for professionals; for beginners looking for an easy way of hacking, though, this is the one. In this article you learn how to easily hack databases, cameras, DSL routers,…

Bypass DEP and NX bit | Bypass ASLR | Bypass Stack Canary and Cookie

Thursday, 09 July 2015 00:00
Buffer overflows are no longer the most popular vulnerabilities. Vulnerability analysis tools help developers identify buffer overflow vulnerabilities (at least the obvious ones) at development time, and this has significantly reduced…