HackDig : Dig high-quality web security articles for hackers

Lessons from Teaching Cybersecurity: Week 6

As I had mentioned previously, this year, I’m going back to school. Not to take classes, but to teach a course at my alma mater, Fanshawe College. I did this about a decade ago and thought it was interesting, so I was excited to give it another go. Additionally, after a friend mentioned that their kid wanted to learn Python, I developed an Intro to Python ai
Publish At:2020-11-09 12:37 | Read:339 | Comments:0 | Tags:Cyber Security teaching toolkit tools training security cybe

5 Essential Steps to Improve Cybersecurity Maturity

From small- and medium-sized organizations to large enterprises, every business is under continuous threat of security risk in today’s digital world.With the growing digital footprint and cloud adoption, organizations continue to experience sophisticated cyberthreats that hold the potential to disrupt business continuity.A vast majority of these threats can
Publish At:2020-10-28 23:43 | Read:373 | Comments:0 | Tags:Cyber Security Featured Articles Automation cybersecurity aw

Efficient audits with machine learning and Slither-simil

by Sina Pilehchiha, Concordia University Trail of Bits has manually curated a wealth of data—years of security assessment reports—and now we’re exploring how to use this data to make the smart contract auditing process more efficient with Slither-simil. Based on accumulated knowledge embedded in previous audits, we set out to detect similar vulnerable code s
Publish At:2020-10-23 13:19 | Read:390 | Comments:0 | Tags:Audits Internship Projects audits experiment Machine Learnin

PrivacyRaven has left the nest

By Suha S. Hussain, Georgia Tech If you work on deep learning systems, check out our new tool, PrivacyRaven—it’s a Python library that equips engineers and researchers with a comprehensive testing suite for simulating privacy attacks on deep learning systems. PrivacyRaven is a comprehensive testing suite for simulating privacy attacks on deep learning system
Publish At:2020-10-08 11:01 | Read:476 | Comments:0 | Tags:Internship Projects Privacy Machine Learning Python Testing

The five tools you need to manage your work environment

The coronavirus crisis has changed almost every aspect of our daily lives, and the way we work has experienced one of the most radical changes. While the whole world is working to stop the spread of the coronavirus, the great challenge faced by companies has been to move their employees to a remote work model at unprecedented speeds, while also ensuring that
Publish At:2020-05-24 08:27 | Read:779 | Comments:0 | Tags:Business Panda Security b2b telework tools

Some crypto challenges: Author writeup from BSidesSF CTF

Hey everybody, This is yet another author's writeup for BSidesSF CTF challenges! This one will focus on three crypto challenges I wrote: mainframe, mixer, and decrypto! mainframe - bad password reset .block1 { color: red; background-color: #3b3d37; border: 2px solid #17242b; margin: 2px; } .block2 { color: orange; background-color:
Publish At:2019-09-19 17:55 | Read:1175 | Comments:0 | Tags:Conferences Crypto Passwords Tools

Bitscout – The Free Remote Digital Forensics Tool Builder

Being a malware researcher means you are always busy with the struggle against mountains of malware and cyberattacks around the world. Over the past decade, the number of daily new malware findings raised up to unimaginable heights: with hundreds of thousands of malware samples per day! However, while there are some rare and dangerous malware, not every samp
Publish At:2017-07-06 06:45 | Read:4799 | Comments:0 | Tags:Software Bitscout Forensics Tools

ConverterNET v0.1 Released

I spent the past several months porting Converter to the .NET Framework and am finally able to release a public version of it. Many of the original functions are present and I’ve added a few more things to the menu. Several conveniences have also been included that may not be very obvious: + Forms are non-modal so you can have multiple forms open at
Publish At:2017-06-25 11:55 | Read:4418 | Comments:0 | Tags:Tools converter converterNET

Going the other way with padding oracles: Encrypting arbitrary data!

A long time ago, I wrote a couple blogs that went into a lot of detail on how to use padding oracle vulnerabilities to decrypt an encrypted string of data. It's pretty important to understand to use a padding oracle vulnerability for decryption before reading this, so I'd suggest going there for a refresher. When I wrote that blog and the Poracle tool origin
Publish At:2016-12-20 02:45 | Read:5830 | Comments:0 | Tags:Crypto Hacking Tools

Deobfuscating the Nemucod Downloader Script

Matt Decker from hybrid-cloudblog.com sent me this script he received via email and asked for help deobfuscating this so here we go… Here’s the WSF file he sent me: About half-way down the script, I come across this. Two variables should have caught your eye. Doing a search for the first variable name, I end up at the variable “vistaR
Publish At:2016-10-22 19:50 | Read:6092 | Comments:0 | Tags:Malscript Tools difference calculator javascript deobfuscati

KNXmap: A KNXnet/IP Scanning and Auditing Tool

Users of the KNX, a standard for home automation bus systems, may already have come across KNXnet/IP (also known as EIBnet/IP): It is an extension for KNX that defines Ethernet as a communication medium for KNX which allows communication with KNX buses over IP driven networks. Additionally, it enables one to couple multiple bus installations over IP gateways
Publish At:2016-09-05 10:50 | Read:5284 | Comments:0 | Tags:Announcements Tools Uncategorized IoT KNX python

The Key to Cyber Security May be A.I. Combined with Human Minds

Maintaining a secure company network can be a daunting task, and that’s putting it lightly. The number of cyber threats out there seem to be multiplying by the day, while the incidents of cyber attacks have become a common headline. Just ask Target or Sony about the damage that can come from infiltration by cyber criminals and hackers. And those headlines ap
Publish At:2016-08-14 23:30 | Read:5070 | Comments:0 | Tags:Featured Articles Security Awareness A.I Cyber Security Huma

Pentesting Webservices with Net.TCP Binding

Hi all, Most of you that are  pentesters  may have already tested plenty of webservices using SOAP (Simple Object Access Protocol) for communication. Typically, such SOAP messages are transferred over HTTP (Hypertext Transfer Protocol) and are encapsulated in XML (Extensible Markup Language). Microsoft has developed different representations of this protocol
Publish At:2016-08-02 22:10 | Read:5126 | Comments:0 | Tags:Security Tools negotiate net.tcp python wcf webservice

Gotta Catch ‘Em All! – WORLDWIDE! (or how to spoof GPS to cheat at Pokémon GO)

The moment, when your team leader asks you to cheat at Pokémon GO…everyone knows it, right? No? Well, I do
Publish At:2016-07-16 09:35 | Read:4102 | Comments:0 | Tags:ERNW Insecurity Tools dvb-t gps HackRF michael ossman pokemo

Locky JS and URL Revealer

From various reports, it appears that the malicious Javascript files sent via email that pull Locky down is back. Let’s see what these scripts look like: At the bottom of the script, is this function that reverses the string above, joins the characters, then evaluates it: eval(aBN3DmdER7P.split(”).reverse().join(”)); Since we’re deal
Publish At:2016-06-23 09:05 | Read:6871 | Comments:0 | Tags:Malicious Email Malscript Tools downloader javascript locky


Tag Cloud