Hacking Book | Free Online Hacking Learning


safety engineer penetration testing tool penetration testing technology

Posted by bassolino at 2020-03-24

CSAW 2018 part of Web Writer

CSAW 2018 part of the web writeup CSAW topic quality is quite good, there is a certain degree of difficulty, haven't played CTF for a while, the strength of the retreat is very obvious, now the topic environment is not closed, continue to water and water (funny. JPG)

admin2019-11-25 18:49:04

Rotexy: a mobile Trojan with functions of bank Trojan and blackmail software

admin2019-11-25 18:48:56

Database reverse engineering (1)

admin2019-11-25 18:48:53

Blockchain security - contract attack in detail (5)

1、 Foreword in the above, we introduced the send() function in detail, and introduced the send() function with related examples. However, if the solid code developer does not pay attention to the relevant logic when writing, it may lead to variables

admin2019-11-25 18:48:46

Analysis of new azorult varieties

This paper introduces the variety and confusion technology of azorult malware in findmyname attack. Azorult is a Trojan horse family used in malicious macro documents spread through spam activities, and it is also a rig utilization kit

admin2019-11-25 18:48:42

Explore the vulnerability of flash swf

Foreword as a user, I don't care much about flash and other things that try to attract my attention, and even I disable them most of the time. As a developer, it reminds me of a bad memory, once

admin2019-11-25 18:48:41

Java code audit script (3)

admin2019-11-25 18:48:39

Tcache in debug middle school

Recently, there are more and more libc versions of PWN than 2.26, which is equivalent to more and more tcache related issues. So recently, we have made up a wave of tcache related issues and recorded the tune of tcache related issues

admin2019-11-25 18:48:35

Database reverse engineering (2)

(continued above) in the first article, we have given the definition of database, now let's review it. A database is a set of binary files used to store structured data and to communicate with each other

admin2019-11-25 18:48:32

2018 xnuca preliminary by lilac

By lilac PWN steak heap has a lot of bugs: UAF, IDX is not checked, no output. It's troublesome to disclose libc address first: 1. Free a chunk into unsorted bin * partial write f

admin2019-11-25 18:48:32

Tcpdump 4.5.1 vulnerability analysis (novice)

For the first vulnerability analysis, you are welcome to put forward the analysis environment Ubuntu 16.04 x86 ʄ GDB with pwndbg tcpdump 4.5.1 POC compilation and installation tcpdump $sudo apt get install li

admin2019-11-25 18:48:31

Macro virus analysis of apt28 sample analysis

Recently, I am studying apt attacks. I choose to study apt through an apt organization. I choose apt28, which is a senior attack group related to the Russian government. I will analyze this group

admin2019-11-25 18:48:28

PHP uses PCRE backtracking times to bypass some security restrictions

admin2019-11-25 18:48:15

How to modify the memory protection attribute in any process

Recently, we are faced with a very special task: changing the protection flag of memory area in any process. This task may seem trivial, but we encountered some obstacles and learned something new in the process, Lord

admin2019-11-25 18:48:11