Questions about this topic? Sign up to ask in the talk tab.
Talk:Hacking index
From NetSec
Contents
- 1 intermediate shellcode stuff
- 2 Facebook
- 3 Network Recon
- 4 Social Engineering
- 5 Subnetting
- 6 Virtual machines
- 7 Kolkata
- 8 API
- 9 Anonymity
- 10 Assembly
- 11 Buffer Overflows
- 12 C
- 13 DDoS Attack
- 14 File Inclusion
- 15 IPtables
- 16 LUA
- 17 MySQL
- 18 NGINX
- 19 Nmap
- 20 Perl
- 21 Routing
- 22 SMTP
- 23 SQL Backdoor
- 24 Tor
- 25 Unsafe String Replacement
- 26 Vanguard
- 27 Whois
- 28 XSS
- 29 CPP
- 30 Command Injection
- 31 Dmcrypt
- 32 Forensic chain of custody
- 33 Gentoo
- 34 Irssi Tutorial
- 35 Jynx Rootkit/1.0
- 36 Linux Assembly
- 37 MySQL Troubleshooting
- 38 Physical Security
- 39 Polymorphic
- 40 RoR Patching
- 41 Snort
- 42 traceroute
- 43 Wireless Security
intermediate shellcode stuff
most of this stuff goes to the Category:Indexing .
- introduction to printable 32-bit x86 polymorphic shellcode
- alphanumeric x86_64 instructions
- intercompatible alphanumeric x86 instructions
- alphanumeric x86 architecture detection
- alphanumeric x86_64 data manipulation
- converting x86_64 shellcode to alphanumeric shellcode
Computer Forensics
1 Cybercrime
1.1 Investigation
1.2 Preserving the evidence
1.3 Where to find evidence
1.3.1 Hardwarewise
1.3.2 Softwarewise
2 Forensic Imaging
2.1 HardDisk Imaging
Cyberlaw
1 Australian Cyberlaw
1.1 Acts Applying to Cybercrime in Australia
1.2 Cybercrime Act 2001 Offences
1.3 Case Study: First Cybercrime Conviction in Australia
2 European Cyberlaw
2.1 Definititons of Cybercrime as per the Budapest Convention
1 Overview
2 History
3 FQL
4 Content Forgery
4.1 Screenshots & Video
4.2 CIDR
4.2.1 Websense
4.2.2 Facebook
4.3 Proof of Concept
Network Recon
1 IP Addressing 2 Subnet Masks 3 Ports 4 Routing 5 Theory 6 Tools
Social Engineering
1 Methods
1.1 Email
1.2 Telephone
1.3 Examples
1.4 Lesson 1
1.4.1 - Preface by Wikipedia
1.4.2 - Outline of Social Engineering
1.4.3 - Analysing and Creating Milestones
1.4.4 - Mantras for Social Engineering
1.4.5 - Example
1.4.6 - Other Uses
1.5 Lesson 2 - Politeness
1.5.1 - Introduction
1.5.2 - Things To Keep in Mind
1.5.3 - Putting Social Engineering to Work
1.5.4 - Protecting Yourself From Social Engineering
Subnetting
1 General Subnetting 2 Real Life Example of Subnetting
Virtual machines
1 Subsystems
1.1 Hardware Virtualization
1.2 Host Machine
1.3 Guest Machine
2 Virtualization Tools
3 Creating Vulnerable VMs for Penetration Testing
Kolkata
1 Description
1.1 Dependencies
1.2 Usage
2 Source
3 Signature Bundles
3.1 Wordpress
3.2 Joomla
3.3 MediaWiki
API
1 API technologies
1.1 The Web
1.1.1 Web services
1.1.2 Remote Procedure Calls
1.2 General software
1.2.1 Software Libraries
1.2.2 COM objects (Windows)
Anonymity
1 General Services
1.1 Virtual Private Servers
1.2 Virtual Private Networks
1.3 SSH Tunneling
1.3.1 Basic Example of SSH Tunneling
1.4 Shell Accounts
1.5 FTP / Telnet
2 Web-Browsing
2.1 General
2.1.1 Best Practices
2.2 Firefox
2.2.1 Recommended Extensions
2.3 TODO
3 Email Privacy
3.1 PGP / GNUPG Encryption
3.2 Anonymous Remailers
3.3 Throw-away Accounts
4 IM & Chat
4.1 Instant Messaging
4.1.1 Pidgin
4.1.1.1 Using OTR
4.1.2 TorChat
4.1.3 TorPM
4.1.4 ICQ
4.2 Chat
4.2.1 IRC
4.2.1.1 Using OTR
4.2.2 SILC
4.2.2.1 Key based authentication
4.2.3 Utilising IRC Bouncers
5 Files & Hard-Disk Encryption
6 Possible Downfalls
6.1 Network Performance
6.2 Personal Information
6.3 IP Leaks
6.4 DNS Leaks
Assembly
1 Introduction
2 Binary
3 Number handling
4 Data storage
5 Memory Addressing
6 Instructions
6.1 Syntaxes
6.2 Data manipulation basic primitives
6.3 Basic arithmetic
6.4 Bitwise mathematics operators
6.5 Shifts and rotations
6.6 Control flow operators
6.7 Taking it further
Buffer Overflows
- buffer overflow protection
- cause of buffer overflow
- example buffer overflow
- disable aslr
- vulnerable overflow application
- bof.c
- disable compiler stack protection
- buffer overflow test
- buffer overflow testing for x86
- buffer overflow testing for x86_64
- disable execstack
- return address for buffer overflow
5.5 Debugging
5.5.1 Shellcode analysis
5.5.1.1 On x86
5.5.1.2 On x86-64
5.5.2 Finding the return address
5.5.2.1 On x86
5.5.2.2 On x86-64
5.6 Exploitation
5.6.1 On x86
5.6.2 On x86-64
C
1 Overview
1.1 Basic Formatting
1.1.1 Includes
1.1.2 The main() Function
1.2 Variables
1.3 Loops
1.4 If/Else
1.5 Compilation
1.6 Example Program
DDoS Attack
|
The three way hand shake information should be placed into the TCP/IP page, which should merely be linked from the ddos attack page. |
1 Three way handshake and Connect State
2 TCP Attacks
2.1 Synflood
2.1.1 Spoofed Synflood
2.1.2 Dealing with Synfloods
2.2 Advanced Attacks
2.2.1 Optimistic ACK Floods
2.2.2 Duplicate ACK Spoofing
3 UDP Attacks
3.1 Dealing with UDP floods
4 ICMP Attacks
4.1 ICMP Smurf
4.2 ICMP Redirect
File Inclusion
IPtables
LUA
1 Comments 2 Variables
- variable types in lua
2.1 Global Variables vs Local Variables 3 Functions
- list of functions used by lua
4 Tables
- using tables in lua
4.1 Declaring an empty Table
4.2 Declaring, and populating a Table
4.3 Indexing Tables
MySQL
- how to setup mysql
- install mysql
- list of mysql commands
- backup a mysql database
- restore a mysql database
NGINX
- nginx basic features NGINX#Basic_HTTP_Features
- nginx additional features NGINX#Additional_HTTP_Features
- nginx mail proxy NGINX#Mail_Proxy_Server_Features
- nginx architecture NGINX#Architecture_and_Scalability
- nginx scalability NGINX#Architecture_and_Scalability
- nginx configuration NGINX#Nginx_Configuration_Directives
- nginx error_log NGINX#error_log
- nginx disable error logging NGINX#Disabling_error_logging
- nginx access_log NGINX#access_log
- nginx proxy_pass NGINX#proxy_pass
- nginx root NGINX#root
- nginx location NGINX#Location_Block
- nginx case-insensitive location NGINX#Case-Insensitive
- nginx case-sensitive location NGINX#Case-Sensitive
- nginx regex NGINX#Regex_Matching
- nginx virtualhost NGINX#VirtualHost_Equivalents
- nginx configuration NGINX#Main_Configuration
- nginx logs NGINX#Log_Format
- nginx log format NGINX#Log_Format
- nginx timeout NGINX#Timeouts
- nginx socket settings NGINX#Socket_settings
- nginx character encoding NGINX#Character_Encoding
- nginx security NGINX#Security
- nginx performance NGINX#Performance
- nginx gzip NGINX#GZIP_Compression
- nginx compression NGINX#GZIP_Compression
- nginx output NGINX#Output_Buffering
- nginx buffering NGINX#Output_Buffering
- nginx directoryindex NGINX#DirectoryIndex Equivalent
- nginx upstream NGINX#Upstream_Example
- nginx cloudflare NGINX#NGINX_&_CloudFlare
- nginx httprealipmodule NGINX#HttpRealIpModule
- nginx troubleshooting NGINX#Troubleshooting
- nginx xml NGINX#.xml_ISE_500
- nginx ise 500 NGINX#.xml_ISE_500
- nginx status NGINX#Status_Page
- nginx status page details NGINX#Status_Page_Details
- nginx stub variables NGINX#Status_Stub_Variables
- nginx reverse proxy NGINX#Reverse_Proxy_&_Load_Balancer
- nginx load balancer NGINX#Reverse_Proxy_&_Load_Balancer
- nginx limitzone NGINX#LimitZone_(DoS_Prevention)
- nginx dos prevention NGINX#LimitZone_(DoS_Prevention)
- nginx apache rewrites NGINX#Apache_Rewrites_to_NGINX_Rewrites
- nginx spawnfcgi NGINX#SpawnFCGI_Script
- nginx script NGINX#SpawnFCGI_Script
Nmap
1 Correct Usage 2 Scan Types 3 Options 4 Evasion Techniques 5 Target Specification 6 Script Scanning 7 Conclusion
Perl
- installing perl on windows
- perl development
- cpan perl#CPAN
- hello world in perl perl#Your first program
- perl variables perl#Variables & Data Types
- perl data types perl#Variables & Data Types
- perl scalars perl#Scalars
- perl arrays perl#Arrays
- perl array functions perl#Helper Functions
- perl hashes perl#Hashes
- perl references perl#References
- perl function pointer perl#Callback References
- perl casting perl#Casting
- boolean logic in perl perl#Boolean Logic
- perl regular expression operator perl#Regular Expression
- perl boolean statements perl#Statements
- perl golfing perl#Golfing
- perl bitwise math perl#Bitwise Manipulations
- perl loops perl#Loops
- perl while loop perl#While
- perl until loop perl#Until
- perl for loop perl#For
- perl foreach perl#Foreach
- perl user input perl#User Input
- perl command line arguments perl#Command Line Arguments
- perl getopt perl#Getopt::Std
- perl functions perl#User-Defined Functions
- download throughput perl#Throughput
- perl logging perl#Log.pm
Routing
1 Subnetting Schemes 2 Real World Examples 3 Back to Subnetting 4 Extras
SMTP
SQL Backdoor
- procedural dynamic sql
- sql event procedure
- phpbb3 sql backdoor
- wordpress sql backdoor
- install sql backdoor
- prevent sql backdoor
Tor
1 How It Works
2 Common Pitfalls
3 Getting Tor and Extra Uses
3.1 Proxychains and Tor-Resolve
4 Hidden services
5 External Links
Unsafe String Replacement
- why string replacement can be unsafe
- unsafe string replacement in php
- unsafe string replacement using regular expressions
- unsafe string replacement example
- prevent unsafe string replacement
3 Defense
3.1 PHP
3.2 PCRE
3.3 Whitelisting using PCRE
Vanguard
- vanguard description
- vanguard features
- vanguard limitations
- using vanguard
- install vanguard
- configuring vanguard modules
- download vanguard
Whois
XSS
Zombies
1 Definition 2 Exploitation 3 Types of Attacks 4 Staying Safe 5 Evolution
BGP
1 Lesson 1
1.1 Network Discovery with BGP
2 Lesson 2
2.1 ASN/BGP/RIP
2.1.1 1.0 - Introduction
2.1.2 2.0 - Example
2.1.3 3.0 - RIP
Bcrypt
1 Lesson 2 1.0 - Introduction 3 2.0 - Running bcrypt 4 3.0 - General Talk 5 4.0 - Further Reading
CPP
- c++ basics CPP#Syntax
- c++ include
- c++ main
- c++ variable
- c++ data type
- c++ math
- c++ operators
- c++ if
- c++ else
- c++ functions
- c++ loop
- c++ classes
- hello world in c++
- c++ functions example]
- c++ classes example
- c++ ide
Command Injection
- test for command injection
- command injection vulnerability
- command injection exploit
- command injection with perl
- command injection on unix
Dmcrypt
- dmcrypt basics dmcrypt#Getting Started
- dmcrypt encryption dmcrypt#Encryption Ciphers and Algorithms
- dmcrypt hash dmcrypt#Hashing Algorithms
- dmcrypt cipher dmcrypt#Ciphers
- dmcrypt block device dmcrypt#Setting Up a Block Device
- dmcrypt partition dmcrypt#Creating a Partition
- dmcrypt loopback dmcrypt#Encrypting the Flat File
- dmcrypt and lvm dmcrypt#LVM and the Device Mapper
- dmcrypt service dmcrypt#Starting and Stopping the Service
Forensic chain of custody
1 Forensic Chain of Custody
1.1 Acquisition
1.2 Witnesses and Documentation
1.3 Active Memory Snapshots
Gentoo
1 Virtual Machine Setup
2 Hard Drive Setup
3 Base installation and Configuration
4 CHROOT
5 Installing Software
6 Encrypted Home Dir
7 Kernel
8 Final Configurations
9 Bootloader
10 X Server
11 BASH
11.1 Part 1: Reading files
11.2 Part 2: Navigation
11.3 Other useful commands
11.4 Directing output
12 Screen
13 Services
14 Network Services
15 Debugging Services
16 Permissions and Security Basics
17 Getting Help
18 Troubleshooting
Irssi Tutorial
1 Getting Irssi
1.1 Debian/Ubuntu
1.2 Gentoo
1.3 Slackware
1.4 Frugalware
1.5 Solaris
1.6 Arch Linux
2 Connecting to the IRC
3 Sample config file
4 References
Jynx Rootkit/1.0
1 Jynx
1.1 Introduction
1.2 Configuration & Features
1.3 Exercise & Installation
1.4 Usage
Linux Assembly
1 32 bit syscall table
1.1 Introduction
1.2 Unlinked System Calls for 32bit systems
1.3 Linked System Calls for 32bit systems
1.4 Other Code Comparisons
2 64 bit syscall table
2.1 Example: Assembly for setuid(0); execve('/bin/sh',0,0); exit(0);
MySQL Troubleshooting
- mysql innodb disabled MySQL Troubleshooting#InnoDB Disabled
- mysql locked tables MySQL Troubleshooting#Locked Tables
- mysql does not start after upgrade MySQL Troubleshooting#Post-Upgrade - MySQL does not start
- mysql datadir migration MySQL Troubleshooting#MySQL Datadir Migration
- mysql database repair MySQL Troubleshooting#Database Repair
- troubleshoot mysql innodb threads MySQL Troubleshooting#InnoDB Thread Issues
- mysql slow query log MySQL Troubleshooting#Slow Query Log
- mysql optimization MySQL Troubleshooting#Optimization Scripts
- mysql tuner MySQL Troubleshooting#MySQL Tuner
- downgrade mysql MySQL Troubleshooting#Downgrading MySQL
- upgrade mysql MySQL Troubleshooting#Upgrading MySQL
- mysql configuration MySQL Troubleshooting#Premade Configs
Physical Security
1 Overview
2 Execution
2.1 Prevention
2.2 Attack Vectors
Polymorphic
RoR Patching
1 RoR Patching
1.1 Vulnerabilities
1.2 XSS
1.3 Params Injection & Mass Assignment Abuse
Snort
1 Basic Packet Sniffing Utilities
2 Rules
2.1 Rule Headers
2.2 Rule Option Section
2.3 Example Rule
traceroute
|
|
before this part is done, traceroute and tcp traceroute must be combined, its the same thing with a different three letter acronym before it! |
TCP Traceroute
1 Overview
1.1 vs. UDP/ICMP
1.2 What you can do
1.2.1 Windows
1.2.2 Linux
Traceroute
1 Performing a Traceroute 2 Example of Tracert 3 Options for Tracert 4 Example of Traceroute 5 Options for Traceroute
Wireless Security
|
|
This page needs to be completed and updated before it is seo'd. |
1 Basics 2 Wired Equivalent Privacy (WEP) 3 Wi-Fi Protected Access (WPA / WPA2-PSK) 4 Tools 5 Reaver
--Hatter 03:23, 21 May 2012 (MSK)
