Enhanced Mitigation Experience Toolkit (EMET)
Defining the problem First, we must define the problem before we try to find the solution. The problem with Windows systems is that they can easily be exploited. There are various exploits out there that can exploit the Windows system. This is possible because most of the users don't ...
The Basics of ASP.NET
Introduction In this article we'll talk about unicode support in various elements of the HTTP protocol, but first let's say a few words about HTTP. We won't go into depth about what HTTP is, let's just remind the reader about the elements that comprise the whole ...
LUKS and Initramfs
Initramfs Introduction Before we can continue with configuring the kernel when installing a new gentoo system, we need to create an initramfs. Since the root partition is encrypted, it has to be decrypted during the boot process, which is not done by the linux kernel, so it has to be ...
LUKS: Swap, Root and Boot Partitions
The /swap Partition We need to encrypt the swap partition, since we don't want encryption keys to be swapped to an unencrypted disk. To do that we can first use the cryptsetup to encrypt the partition and then create a swap filesystem on it in the usual way and ...
Wordpress Security for Users
Introduction We all know that Wordpress is the primary CMS system used on the Internet. We also know that security in Wordpress is not always taken for granted. The Wordpress CMS system can have different vulnerabilities in older versions, so it's vital keep it up-to-date. We should also be ...
LUKS: Formatting the Partition
Introduction When writing this tutorial, I've referenced the [2] Gentoo Linux guide and added some of my own observations and scripts. This guide should provide you with steps of how you can create an encrypted system partition on Linux, but it will also provide you with general observations about ...
NMAP Scripting Example
1. Nmap API When writing Nmap NSE scripts, we of course need to have a way to talk to the Nmap API, which provides us with various advanced features so we don't have to write those features ourselves. We can't do everything in LUA language that is used ...
NMAP Scripting Engine and Categories
1. Introduction We all know what Nmap is and what we can do with it, but for those of you who don't, here's a short overview. Nmap is an open source security scanner that can scan for open ports and also do other functions as well, such as ...
Hello World: C, Assembly, Object File and Executable
Introduction Summary: In this article we'll take a look at the C program that prints "Hello World!" to the screen, which we'll assemble and compile. Then we'll compare the results and try to present what's happening beneath the curtains. Specifically, we will look at which sections ...
Pen Testing Domain Controllers
Introduction When performing a penetration test, we're constantly stumbling upon various servers that support domain logins into the customers network. We're allowed to login if we know the username and password of an arbitrary account as well as the domain name. In this article we'll take a ...