HackDig : Dig high-quality web security articles for hackers

PDF File Format: Basic Structure [updated 2020]

IntroductionWe all know that there are a number of attacks where an attacker includes some shellcode in a PDF document. This shellcode uses some kind of vulnerability in how the PDF document is analyzed and presented to the user to execute malicious code on the targeted system.The following image presents the number of vulnerabilities discovered in pop
Publish At:2020-09-30 12:31 | Read:200 | Comments:0 | Tags:Exploit Development feature pdf

Securing Cookies with HttpOnly and secure Flags [Updated 2020]

Learn how to fight malwareAny program that runs can be disassembled, but that doesn’t mean it’s going to be easy. In this skills course you’ll learn⇒ Anti-Debugging Techniques⇒ Detecting Debuggers⇒ Anti-DisassemblyStart your free trialIntroductionSecuring cookies is an important subject. Think about an authentication cookie. When the attacker is
Publish At:2020-08-10 09:51 | Read:426 | Comments:0 | Tags:Hacking application security feature

Network Design: Firewall, IDS/IPS

IntroductionThere are many different types of devices and mechanisms within the security environment to provide a layered approach of defense. This is so that if an attacker is able to bypass one layer, another layer stands in the way to protect the network. Two of the most popular and significant tools used to secure networks are firewalls and intrusi
Publish At:2020-08-04 15:05 | Read:398 | Comments:0 | Tags:Application Security feature network security

RTS Threshold Configuration for Improved Wireless Network Performance [Updated 2020]

In a scenario where a lot of users connect to a wireless network and where they occasionally lose their connections, an individual or a company can tweak the wireless router’s advanced settings to optimize the performance of users and solve the problem of some users unable to obtain an IP.Most routers feature an “Advanced Settings” section that manages
Publish At:2020-08-03 10:15 | Read:428 | Comments:0 | Tags:Networking feature general security

SCADA & security of critical infrastructures [updated 2020]

IntroductionCurrent ScenarioIndustrial control systems (ICS) and Supervisory Control And Data Acquisition (SCADA) systems are critical components for the operation of industrial facilities and critical infrastructure. Successful cyberattacks could paralyze internal processes, cause financial losses and potentially lead to the loss of human lives. Many
Publish At:2020-07-15 12:46 | Read:415 | Comments:0 | Tags:Hacking SCADA / ICS Security feature scada

14 best open-source web application vulnerability scanners [updated for 2020]

Learn Vulnerability ScanningLearn about vulnerability scanning tools.This skills course covers⇒ Application and container scans⇒ Analyzing vulnerability scans⇒ Vulnerability scanningLEARN MOREIntroductionIn the past, many popular websites have been hacked. Hackers are active and always trying to hack websites and leak data. This is why security testing
Publish At:2020-07-13 10:34 | Read:554 | Comments:0 | Tags:Application Security feature general security Vulnerability

19 Extensions to Turn Google Chrome into Penetration Testing tool

Google Chrome is the most popular web browser of the world. It’s light weight and comes with a clean interface. This is the main reason of its popularity. It also has various other features that make website browsing easy and faster. Like Firefox, Chrome also supports add-ons but called extensions for Chrome. Extensions help us in improving the f
Publish At:2017-07-11 15:30 | Read:4958 | Comments:0 | Tags:Penetration Testing feature forensics

18 Extensions For Turning Firefox Into a Penetration Testing Tool

Firefox is a popular web browser from Mozilla. Popularity of Firefox is not only because it’s a good web browser, it also supports add-ons to enhance the functionality. Mozilla has a website add-on section that has thousands of useful add-ons in different categories. Some of these add-ons are useful for penetration testers and security analysts.
Publish At:2017-07-11 15:30 | Read:3823 | Comments:0 | Tags:Penetration Testing feature reverse engineering

Security Awareness – Judge the Impact to Justify the Effort

Download the BEST PRACTICES FOR DEVELOPING AN ENGAGING SECURITY AWARENESS PROGRAM whitepaperLearn the best practices for developing a security awareness training program that is engaging. Engaging awareness programs have been shown to change more users’ behavior and are seen as an asset for your organization instead of annoyance. ——
Publish At:2015-11-10 15:00 | Read:4102 | Comments:0 | Tags:Security Awareness feature general security

Certification Tracker – CISSP

Today we have launched an app that will help track resources and information related to various industry certifications. The Certification Tracker supports the following features:Meta information about the certAverage salary (data from indeed) in the US over last 12 months for jobs containing this certificationMonthly number of jobs available that list
Publish At:2015-07-15 06:10 | Read:3213 | Comments:0 | Tags:CISSP General Security IT Certifications cert tracker certif

Windows Exploit Mitigation Technology – Part 1

The spree of exploits on Windows has led to the creation of a certain type of exploit protection mechanism on Windows. Protection from things like buffer overflow, heap overwrite and return originated exploits have been deployed on Windows compilers and OS.They can be either OS specific or compiler based protections. EMET can be used to apply some of these p
Publish At:2015-02-13 14:35 | Read:4995 | Comments:0 | Tags:Exploit Development exploit development feature exploit

Ramp with 5 Levels: CISSP 2015 Update: Asset Security

The CISSP 2015 Update brings new viewpoints on the key domains covered in this certification. The CISSP is already one of the broadest of all certs in that the amount of information it covers in different fields is staggering. However, breaking this down into its component domains or fields can help to chop at it bit by bit. With the new updates, each dom
Publish At:2015-02-13 14:35 | Read:4254 | Comments:0 | Tags:CISSP feature

Security Policy Template For Hotel Networks

When booking a hotel room, you assume that it is the responsibility of the hotel to keep you and your belongings safe by not sharing your room keys or other details. But a greater threat could be lurking in your room – the WiFi connection.While high-speed wireless Internet is always a welcome amenity for hotel guests who are looking to communicate and conduc
Publish At:2015-02-12 22:50 | Read:3114 | Comments:0 | Tags:Wireless Security feature wireless security

Introduction to Smartcard Security

IntroductionIn 1968 and 1969, the smartcard was patented in German by Helmut Gröttrup and Jürgen Dethloff. The smartcard is simply a card with an Integrated Circuit that could be programmed. This technology has been used widely in our daily lives and will become one of the important keys in Internet of Things (IoT) and Machine to Machine (M2M) technology. Sm
Publish At:2015-02-12 22:50 | Read:6691 | Comments:0 | Tags:General Security feature general security

Gh0st RAT: Complete Malware Analysis – Part 1

In this article series, we will learn about one of the most predominant malware, named Gh0st RAT, whose source code is dated back to 2001 but it is still relevant today. In this article series, we will learn what exactly is Gh0st RAT, all its variants, how it works, its characteristics, etc.What is Gh0st RAT?Gh0st RAT (Remote Access Terminal) is a trojan 
Publish At:2015-02-11 15:30 | Read:4103 | Comments:0 | Tags:Malware Analysis Meta feature malware analysis

Tools

Keywords