- I understand that, unfortunately, anything I write, can and will be used against me.
Search this blog
This blog\’s RSS feed
Categories
- Administration (27)
- Art (4)
- Cloud (11)
- Development (45)
- Education (23)
- IT guy and CIO (1)
- Management (20)
- Politics (3)
- Science (18)
- Security (12)
- SQL Server (5)
- Web design (8)
Archives
- December 2021 (1)
- March 2021 (2)
- February 2021 (1)
- January 2019 (1)
- December 2018 (4)
- November 2018 (6)
- October 2018 (3)
- August 2018 (1)
- June 2018 (1)
- April 2018 (1)
- February 2018 (1)
- January 2018 (1)
- December 2017 (1)
- November 2017 (1)
- October 2017 (2)
- September 2017 (3)
- August 2017 (1)
- July 2017 (1)
- May 2017 (3)
- April 2017 (2)
- September 2016 (1)
- June 2016 (1)
- October 2015 (1)
- September 2015 (5)
- August 2015 (3)
- July 2015 (1)
- March 2015 (1)
- September 2014 (1)
- August 2014 (7)
- July 2014 (2)
- June 2014 (2)
- May 2014 (4)
- April 2014 (1)
- March 2014 (8)
- February 2014 (6)
- January 2014 (3)
- December 2013 (3)
- November 2013 (2)
- October 2013 (1)
- September 2013 (2)
- August 2013 (1)
- July 2013 (2)
- June 2013 (8)
- February 2013 (3)
- November 2012 (2)
- October 2012 (2)
- September 2012 (5)
- August 2012 (4)
- July 2012 (3)
- June 2012 (9)
- May 2012 (1)
- April 2012 (1)
- February 2012 (1)
- January 2012 (1)
- September 2011 (2)
- August 2011 (1)
- June 2011 (3)
- May 2011 (1)
- April 2011 (1)
- March 2011 (1)
- February 2011 (2)
- October 2010 (1)
- January 2010 (1)
- November 2009 (1)
- October 2009 (1)
- May 2009 (1)
- April 2009 (4)
- March 2009 (3)
- December 2008 (1)
- October 2007 (1)
- September 2006 (1)
- August 2006 (4)
- December 2005 (1)
- November 2005 (1)
- October 2005 (1)
- September 2005 (1)
- August 2005 (1)
- July 2005 (1)
- November 2004 (1)
- July 2004 (1)
- February 2004 (1)
- July 2003 (1)
- March 2003 (1)
- May 2002 (1)
Category Archives: Security
A security proposal to Microsoft, something like UAC, but for the network
Remember UAC (User Account Control)? It is a part of Windows since Vista, but when it was first introduced, it caused quite a bad stir. People did not like because it was way too annoying. It kept pestering users for … Continue reading
Posted in Security
Comments Off on A security proposal to Microsoft, something like UAC, but for the network
Review for Osanda Malith’s Browser Freak utility
Automation is a practice and a skill that every IT professional should exercise. In penetration testing and security checks, automation is more than that; it is essential. Boring, tiring, repeated tasks, and tasks with many steps, if not left to … Continue reading
Posted in Security
Comments Off on Review for Osanda Malith’s Browser Freak utility
Now with the Gauss malware, the cat is out of the bag
The Gauss malware contains an encrypted payload. This payload is only activated during specific circumstances and those circumstances are not yet known and it is possible that they may not be found in the near future. Come to think of … Continue reading
Posted in Security
Comments Off on Now with the Gauss malware, the cat is out of the bag
Hotmail’s dirty little secret
It has been a few days since I noticed what I am about to describe and since no one (as far as I know) has brought this issue forth, I guess it is up to me to address the elephant … Continue reading
Posted in Security
Comments Off on Hotmail’s dirty little secret
The purpose of the collision attack used in the Flame malware
Title: The purpose of the collision attack used in the Flame malware Alternative title: Why did the Flame malware use a hash collision? When news about the Flame malware broke out, a lot of information became available, including that Flame … Continue reading
Posted in Security
Comments Off on The purpose of the collision attack used in the Flame malware
About the security breach at RSA
Here is what I think about the security breach at RSA: First of all, since no details have been published about what was stolen, it would be wise to assume the worst. And the worst is that not only the … Continue reading
Posted in Security
Comments Off on About the security breach at RSA
The need for a POP POP RET instruction sequence
The purpose of this post is to explain the need for a POP POP RET instruction sequence. You often read or hear that exploit writers search for this instruction sequence because it is an essential part of their exploit. But … Continue reading
Posted in Security
Comments Off on The need for a POP POP RET instruction sequence
ASCII Hex to Binary
I often come across shellcode in the form of ASCII hex, that I want to disassemble in order to find the corresponding assembly instructions, so I can understand how the shellcode operates. Although I can lookup up the assembly instructions for each opcode or set of opcodes, … Continue reading
Posted in Security
Comments Off on ASCII Hex to Binary
Stack-based buffer overflow proof of concept
In this post, I will provide proof of concept buffer overflow exploits. I will create my own programs that have specific mistakes and vulnerabilities in them, in order to exploit these mistakes using stack-based buffer overflow techniques. Of course, since … Continue reading
Posted in Security
Comments Off on Stack-based buffer overflow proof of concept
Create and test buffer overflow exploits
Notes on the creation of buffer overflow exploits To overflow a buffer, we create an exploit string that will go in the buffer. The exploit code can be either at the beginning or at the end of this string. We … Continue reading
Posted in Security
Comments Off on Create and test buffer overflow exploits
Dimitrios Kalemis 