Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "Main Page"

From NetSec
Jump to: navigation, search
Line 41: Line 41:
 
'''[[application|Software]] [[Exploitation]]'''
 
'''[[application|Software]] [[Exploitation]]'''
  
[[Buffer overflow|Stack overflows]] • [[null-free shellcode]] • 32-bit [[ascii shellcode]] • 64-bit [[alphanumeric shellcode]] • [[unsafe string replacement]]
+
[[Buffer overflow|Stack overflows]] • [[Shellcode/Loaders|shellcode loaders]] • [[null-free shellcode]] • 32-bit [[ascii shellcode]] • 64-bit [[Shellcode/Alphanumeric|alphanumeric shellcode]] • [[unsafe string replacement]] • [[Shellcode/Self-modifying|Self-modifying shellcode]] • [[Shellcode/Dynamic|dynamic shellcode]] • [[Shellcode/Socket-reuse|socket reuse]]
  
  

Revision as of 05:54, 23 April 2013
Featured Article
Shellcode Appendix

The Shellcode Appendix is a collection of shellcodes and documentation developed by our staff. The included shellcode is flexible, can bypass firewalls, automated detection, and demonstrate advanced shellcoding techniques.

Learn more - Shellcode Appendix
Featured Tool
MySQLi-BlindUtils

MySQLi-BlindUtils is a collection of blind SQL injection utilities for MySQL that demonstrate a variety of techniques. It contains sqli-hap.py, which demonstrates our new comparative precomputation technique; sqli-slee.py, a time-based injection tool; and sqli-p.pl, for boolean enumeration.

Learn more - MySQLi-BlindUtils


Articles

shellcodecountermeasuresadministrationexploitationprogramming


Compiled languages

assemblylinux assemblyCC++


Software Exploitation

Stack overflowsshellcode loadersnull-free shellcode • 32-bit ascii shellcode • 64-bit alphanumeric shellcodeunsafe string replacementSelf-modifying shellcodedynamic shellcodesocket reuse


Interpreted languages

PerlPythonPHPRubyLUAThe bash bookSQL OrientationExamples of polymorphism


Web Exploitation

SQL injectionXSSCookiesFile inclusionCommand injectionCSRFXSRFXSCFColdfusion hackingSQL Backdoors


(The Index) (Contribute)


Tools
Vanguard web application vulnerability testing engine written in perl with LibWhisker2 support Jynx2 Version 2.0 of the classic LD_Preload userland rootkit written in C
Bleeding Life PHP and MySQL based browser buffer overflow exploit pack Kolkata Configurable perl scanner that analyzes checksums to perform fingerprinting on web applications with static file analysis
GScrape Google scraper written in perl for rapidly identifying vulnerable websites and generating statistics Lfi_autopwn.pl Given a file inclusion vulnerability, this Perl script will spawn a shell
Mysql5 enumerator Automatically map contents or query a remote database given a URL vulnerable to SQL injection with this perl script Social Network Redirection Utility Rickroll your friends with content-forged image redirects
Retrieved from "http://nets.ec/index.php?title=Main_Page&oldid=10779"