Questions about this topic? Sign up to ask in the talk tab.

Main Page

From Security101 - Blackhat Techniques - Hacking Tutorials - Vulnerability Research - Security Tools
Jump to: navigation, search
Featured Article

Blind SQL injection

Blind SQL injection is a method of extracting database information without the extracted information appearing in the output of the given application. Also called out-of-band injection, there are primarily four methods of exploitation.

Learn more - Blind SQL injection
Featured Tool

Azazel

Azazel is a userland rootkit written in C based off of the original LD_PRELOAD technique from Jynx rootkit. Features include log cleaning, pcap subversion, anti-debugging, communications encryption, and more.

Learn more - Azazel


Articles

shellcodecountermeasuresadministrationexploitationprogramming


Compiled languages

assemblylinux assemblyCC++


Software Exploitation

Stack overflowsshellcode loadersnull-free shellcode • 32-bit ascii shellcode • 64-bit alphanumeric shellcodeunsafe string replacementSelf-modifying shellcodedynamic shellcodesocket reuse


Interpreted languages

PerlPythonPHPRubyLUAThe bash bookSQL OrientationExamples of polymorphism


Web Exploitation

SQL injectionblind SQL injectioncomparative precomputationXSSCookiesFile inclusionCommand injectionCSRFXSRFXSCFColdfusion hackingSQL Backdoors


(The Index) (Contribute)


Tools
Vanguard web application vulnerability testing engine written in perl with LibWhisker2 support Jynx2 Version 2.0 of the classic LD_Preload userland rootkit written in C
Bleeding Life PHP and MySQL based browser buffer overflow exploit pack Kolkata Configurable perl scanner that analyzes checksums to perform fingerprinting on web applications with static file analysis
GScrape Google scraper written in perl for rapidly identifying vulnerable websites and generating statistics Lfi_autopwn.pl Given a file inclusion vulnerability, this Perl script will spawn a shell
mysqli-blindutils Automatically map contents or query a remote database given a URL vulnerable to SQL injection with a variety of scripts for automated blind SQL injection Social Network Redirection Utility Rickroll your friends with content-forged image redirects
Halcyon Generates Kolkata fingerprints for web application identification. Shellcodecs Collection of shellcode development tools.
Personal tools
 


VPS-Heaven now accepting BitCoin!



Our research is made possible by your support.