2800 changes to papers

Reverse Engineering of x86 Linux Shellcodes the Easy Way
Bypassing SSL Pinning on Android via Reverse Engineering
Reverse Engineering of x86 Linux Shellcodes the Easy Way
Bypassing SSL Pinning on Android via Reverse Engineering

[Arabic] Simple SQL Injection
SAP security: attacking sap clients
[Spanish] Asegurando nuestra red wireless
[Persian] ASP and JSP security
SAP security: attacking sap clients
[Spanish] Asegurando nuestra red wireless
[Persian] ASP and JSP security
Thin Clients: Slim Security
[Arabic] Buffer Overflow Exploitation for Beginners
[Persian] Remote Win32 Kernel Exploitation
Thin Clients: Slim Security
[Arabic] Buffer Overflow Exploitation for Beginners
[Persian] Remote Win32 Kernel Exploitation

[Turkish] TCP/IP Fragmented Packets

[Spanish] Optimización de SQL Union Injection en MYSQL
[Portuguese] Retornando para libc - Parte I
[Spanish] Busqueda Binaria Aplicada a las Blind SQL Injection
Xss & Iframe Phishing
[Portuguese] Retornando para libc - Parte I
[Spanish] Busqueda Binaria Aplicada a las Blind SQL Injection
Xss & Iframe Phishing
[German] Sicherheit von Webservern
One Click Ownage
[German] Sicherheit von Webservern
One Click Ownage
[Romanian] Vulnerabilitati Web si securizarea acestora v1.0
Cracking The Air_ The Other Way
[Romanian] Vulnerabilitati Web si securizarea acestora v1.0
-the-other-way.pdf
PE Infection - How to Inject a dll
[French] Le Social Engineering : une attaque de persuasion
Advanced PostgreSQL SQL Injection and Filter Bypass Techniques
Assault on PHP Applications
Cyclic Redundancy Check (CRC)
Web Application Firewall Bypass using HTTP Parameter Pollution
Bypassing Hardware Based (DEP) on Windows 2003 SP 2
PE Infection - How to Inject a dll
[French] Le Social Engineering : une attaque de persuasion
Advanced PostgreSQL SQL Injection and Filter Bypass Techniques
Assault on PHP Applications
Cyclic Redundancy Check (CRC)
Web Application Firewall Bypass using HTTP Parameter Pollution
Bypassing Hardware Based (DEP) on Windows 2003 SP 2
[French] Shellcodes sous Linux dans les processeurs de 32 bits x86
[Italian] Don't trust in Technology
Microsoft WPAD Technology Weakness
HTTP Parameter Pollution - Yahoo! Mail classic attack
[Portuguese] Entendendo Injeção de SQL
[Arabic] Seh Buffer Overflows Explained
[Italian] How do I crack your WEP: The FMS attack explanation
[French] Bypass authentication with reverse engineering in linux x86
[Arabic] How to crack serial numbers - reverse engineering
Reverse Code Engineering - mrinfo
[French] Shellcodes sous Linux dans les processeurs de 32 bits x86
[Italian] Don't trust in Technology
Microsoft WPAD Technology Weakness
HTTP Parameter Pollution - Yahoo! Mail classic attack
[Portuguese] Entendendo Injeção de SQL
[Arabic] Seh Buffer Overflows Explained
[Italian] How do I crack your WEP: The FMS attack explanation
[French] Bypass authentication with reverse engineering in linux x86
[Arabic] How to crack serial numbers - reverse engineering
Reverse Code Engineering - mrinfo
Why certain SWF encryption techniques can backfire
[French] Bypass authentication with buffer overflow
[Persian] Router Sniffing Network Traffic via GRE Tunneling Attack
[Italian] Analysis and Working of a Rootkit in the Operative System
[Italian] Routers and Routing process explanation through the NAT
[Portugues] Writing ettercap plugins
Controlling Malicious Software with the help of Shoutboxes
How Conficker makes use of MS08-067
Penetration: from application down to OS (IBM Websphere)
Penetration: from application down to OS (Oracle)
[French] Creation des shellcodes sous architecture Linux x86 32 bits
Pirelli Discus DRG A225 wifi router WPA2PSK Default Algorithm Vuln
Why certain SWF encryption techniques can backfire
[French] Bypass authentication with buffer overflow
[Persian] Router Sniffing Network Traffic via GRE Tunneling Attack
[Italian] Analysis and Working of a Rootkit in the Operative System
[Italian] Routers and Routing process explanation through the NAT
[Portugues] Writing ettercap plugins
Controlling Malicious Software with the help of Shoutboxes
How Conficker makes use of MS08-067
Penetration: from application down to OS (IBM Websphere)
Penetration: from application down to OS (Oracle)
[French] Creation des shellcodes sous architecture Linux x86 32 bits
Pirelli Discus DRG A225 wifi router WPA2PSK Default Algorithm Vuln
[German] Anonyme (und private) Kommunikation
[Arabic] MS Internet Explorer XML Parsing Overflow
[Arabic] API Function Parametre Hijacking Vulnerability
PHP Fuzzing In Action (Real world source code auditing)
[German] Anonyme (und private) Kommunikation
[Arabic] MS Internet Explorer XML Parsing Overflow
[Arabic] API Function Parametre Hijacking Vulnerability
PHP Fuzzing In Action (Real world source code auditing)

[arabic] Adur[ IT ] Magazine : IT security # 1 issue
TippingPoint IPS Signature Evasion by Packet Fragmentation
[Spanish] La seguridad en sistemas informaticos
[Spanish] Compilacion e interpretacion de Exploits pl_ php_ py_ c y c++
Defeating the iPhone Passcode
TippingPoint IPS Signature Evasion by Packet Fragmentation
[Spanish] La seguridad en sistemas informaticos
-php
Defeating the iPhone Passcode

[Spanish] clustering

[Arabic] Perl Writing Exploits
[Spanish] Cross Site Printing
Stack Overflow Exploitation_ Real Life Example
[Spanish] Cross Site Printing
-real-life-example.pdf
[French] Introduction to $_SERVER Superglobals Sniffing
[eZine] Road Technological Minds (RTM) Essential #6
[French] Introduction to $_SERVER Superglobals Sniffing
[eZine] Road Technological Minds (RTM) Essential #6
From Boot to Remote Root - How I owned the network
Step By Step Format String Exploitation On Windows
From Boot to Remote Root - How I owned the network
Step By Step Format String Exploitation On Windows
Practical SQL Injection: bit by bit
[Persian] Web Application Security Consortium Glossary
Bypassing Windows Server 2008 Password Protection
Transferring Exploit code using HTML Canvas
Exploiting Web 2.0 _ Real Life XSS-Worm
Exploiting Web 2.0 _ Real Life SQL Injection
[Spanish] Telefonia IP
[Spanish] Stack Overflow Como Si Estuviera En Primero
Practical SQL Injection: bit by bit
[Persian] Web Application Security Consortium Glossary
Bypassing Windows Server 2008 Password Protection
Transferring Exploit code using HTML Canvas
-real-life-xss-worm.pdf
-real-life-sql-injection.pdf
[Spanish] Telefonia IP
[Spanish] Stack Overflow Como Si Estuviera En Primero
Win Vista DLL Injection (32bit)
Applied Binary Code Obfuscation
Exploiting Buffer overflows
Mem - Jacking
[Persian] How to find ASP vulnerabilities by reading source code. (v1)
How to write a XSS (cross site scripting) worm for McCodes sites
A Post-mortem of Yahoo! Account Security
Linux on Power/Cell BE Architecture Buffer Overflow Vulnerabilities
[Spanish] Como Navegar Anonimamente en Internet
Arp Spoofing
Short review of modern vulnerability research
Win Vista DLL Injection (32bit)
Applied Binary Code Obfuscation
Exploiting Buffer overflows
Mem - Jacking
[Persian] How to find ASP vulnerabilities by reading source code. (v1)
How to write a XSS (cross site scripting) worm for McCodes sites
A Post-mortem of Yahoo! Account Security
Linux on Power/Cell BE Architecture Buffer Overflow Vulnerabilities
[Spanish] Como Navegar Anonimamente en Internet
Arp Spoofing
Short review of modern vulnerability research
w3af UserGuide French
Discussing Secure Input Solutions for Web Applications
Linux Slab Allocator Buffer Overflow Vulnerabilities (pt_BR)
w3af UserGuide French
Discussing Secure Input Solutions for Web Applications
Linux Slab Allocator Buffer Overflow Vulnerabilities (pt_BR)

Reverse Engineering Microsoft F#
Cracking the basics
Java 2 Micro Edition Based Computer Malware Propagation Technique
[eZine] Road Technological Minds (RTM) Essential #5
EXPLORATiON iN THE CROSS TERRiTORY
Security Vulnerabilities in SOHO Routers
Practical attacks against WEP and WPA
Using Parent Domain Traversal in Drive By Attacks
Sponsored Links Jacking
[Spanish] H-Zine #1
Cracking the basics
Java 2 Micro Edition Based Computer Malware Propagation Technique
[eZine] Road Technological Minds (RTM) Essential #5
EXPLORATiON iN THE CROSS TERRiTORY
Security Vulnerabilities in SOHO Routers
Practical attacks against WEP and WPA
Using Parent Domain Traversal in Drive By Attacks
Sponsored Links Jacking
[Spanish] H-Zine #1
Internet Banking Flaws in India
Reflective DLL Injection
[Spanish] 1001 ways to crack software
Internet Banking Flaws in India
Reflective DLL Injection
[Spanish] 1001 ways to crack software
Fuzzing: A Useful Approach to Finding Bugs
[Farsi] Detecting and Exploiting Vulnerability in ActiveX Controls
Fuzzing: A Useful Approach to Finding Bugs
[Farsi] Detecting and Exploiting Vulnerability in ActiveX Controls
Exploiting Tomorrow's Internet Today: Penetration testing with IPv6
Analyzing local privilege escalations in win32k
Using dual-mappings to evade automated unpackers
Unlocking the Verizon Wireless xv6800 (HTC Titan) GPS
Exploiting Tomorrow's Internet Today: Penetration testing with IPv6
Analyzing local privilege escalations in win32k
Using dual-mappings to evade automated unpackers
Unlocking the Verizon Wireless xv6800 (HTC Titan) GPS

Shell Code For Beginners
Assault on Oracle PL/SQL - Injection
TARGETING VOIP
Introduction to SQL injection
Assault on Oracle PL/SQL - Injection
TARGETING VOIP
Introduction to SQL injection
The Pirate Bay un-SSL
Client Side Security.. More severe than it seems...
The Pirate Bay un-SSL
Client Side Security.. More severe than it seems...

Gadgets: New Tech & Old Threats
Data-mining with SQL Injection and Inference
[Spanish] Técnicas de inyección en MySQL
Reverse Engineering: Smashing the Signature
Data-mining with SQL Injection and Inference
[Spanish] Técnicas de inyección en MySQL
Reverse Engineering: Smashing the Signature
[German] Sybase SQL Injection && Bypassing mod_security
[German] A german guide to WEP/WPA cracking
Simple Web-Hacking Techniques
Auditing mailing scripts for web app pentesters
Reverse Engineering: Anti-Cracking Techniques
COODE MAGAZINE NR3
[Spanish] Cross Site Scripting [XSS]
[German] Sybase SQL Injection && Bypassing mod_security
[German] A german guide to WEP/WPA cracking
Simple Web-Hacking Techniques
Auditing mailing scripts for web app pentesters
Reverse Engineering: Anti-Cracking Techniques
COODE MAGAZINE NR3
[Spanish] Cross Site Scripting [XSS]

Symantec Altiris Deployment Solution Elevation of Privileges Vulns
Access Through Access
Lateral SQL Injection: A New Class of Vulnerability in Oracle
[Spanish] Blind MySQL Injection
Security Implications of Windows Access Tokens
Access Through Access
Lateral SQL Injection: A New Class of Vulnerability in Oracle
[Spanish] Blind MySQL Injection
Security Implications of Windows Access Tokens

802.11 Attacks
ActiveX - Active Exploitation
Error based SQL Injection
An Insecurity Overview of the March Networks DVR-CCTV 3204
ActiveX - Active Exploitation
Error based SQL Injection
An Insecurity Overview of the March Networks DVR-CCTV 3204
Securing & Hardening Linux v1.0
SEH Overwrites Simplified
MS API function pointers hijacking
Securing & Hardening Linux v1.0
SEH Overwrites Simplified
MS API function pointers hijacking

Arbitrary header injection in PHP contact forms
Check Point Secure Platform Hack
High-Level Reverse Engineering
Tactical Exploitation and Response Over Solaris Sparc 5.8 / 5.9 Systems
Check Point Secure Platform Hack
High-Level Reverse Engineering
Tactical Exploitation and Response Over Solaris Sparc 5.8 / 5.9 Systems

Uncommon SQL Injection
Oracle Forensics Part 5: Finding Evidence of Data Theft in the Absence..
Tactical Exploitation
Discovery of Local BoF Exploits
Anti Forensics: making computer forensics hard
Having Fun with Proventia GX5108 & GX5008 Insecurities
Buffer Truncation Abuse in Microsoft SQL Server Based Applications
Cisco IOS Exploitation Techniques
Oracle Forensics Part 5: Finding Evidence of Data Theft in the Absence..
Tactical Exploitation
Discovery of Local BoF Exploits
Anti Forensics: making computer forensics hard
Having Fun with Proventia GX5108 & GX5008 Insecurities
Buffer Truncation Abuse in Microsoft SQL Server Based Applications
Cisco IOS Exploitation Techniques

Secure file upload in PHP web applications
Explanation of a remote buffer overflow Vulnerability
Exploitation for phun and profit
Explanation of a remote buffer overflow Vulnerability
Exploitation for phun and profit
Oracle Forensics Part 1: Dissecting the Redo Logs
Oracle Forensics Part 2: Locating Dropped Objects
Oracle Forensics Part 3: Isolating Evidence of Attacks
Oracle Forensics Part 4: Live Response
Bypass RPC portmapper filtering security PoC
Heap Feng Shui in JavaScript
Oracle Forensics Part 1: Dissecting the Redo Logs
Oracle Forensics Part 2: Locating Dropped Objects
Oracle Forensics Part 3: Isolating Evidence of Attacks
Oracle Forensics Part 4: Live Response
Bypass RPC portmapper filtering security PoC
Heap Feng Shui in JavaScript

JaSiLDBG - JavaScript inLine Debugger
LINUX SHELLCODING REFERENCE
HackThisZine (HTZ) #5 - Squat The Net!
LINUX SHELLCODING REFERENCE
HackThisZine (HTZ) #5 - Squat The Net!
Win32 Stack BufferOverFlow Real Life Vuln-Dev Process
PORT SCANNING TECHNIQUES
Stack Overflow Exploitation Explained
Overtaking Google Desktop
xss2phishing
Win32 Stack BufferOverFlow Real Life Vuln-Dev Process
PORT SCANNING TECHNIQUES
Stack Overflow Exploitation Explained
Overtaking Google Desktop
xss2phishing

MoAB Comic 1

Anatomy of a Malware

WebMin - (XSS BUG) Remote Arbitrary File Disclosure

Shellcoding for Linux and Windows Tutorial
Defeating Microsoft Windows XP SP2 Heap protection and DEP bypass
Bypassing Windows heap protections
Writing Self-Modifying Code andUtilizing Advanced Assembly Techniques
Blackberry Security: Ripe for the picking?
Dangling Cursor Snarfing: A New Class of Attack in Oracle
Defeating Microsoft Windows XP SP2 Heap protection and DEP bypass
Bypassing Windows heap protections
Writing Self-Modifying Code andUtilizing Advanced Assembly Techniques
Blackberry Security: Ripe for the picking?
Dangling Cursor Snarfing: A New Class of Attack in Oracle
On the Effectiveness of AddressSpaceRandomization
Cracking String Encryption in Java Obfuscated Bytecode
Implementing and Detecting a PCI Rootkit
John The Ripper - An Illustrated Guide
Vulnerability Enumeration For Penetration Testing
On the Effectiveness of AddressSpaceRandomization
Cracking String Encryption in Java Obfuscated Bytecode
Implementing and Detecting a PCI Rootkit
John The Ripper - An Illustrated Guide
Vulnerability Enumeration For Penetration Testing
IE ActiveX-based 0-days basics Demystified
Attacking the Code: Source Code Auditing
IE ActiveX-based 0-days basics Demystified
Attacking the Code: Source Code Auditing
API Interception via DLL Redirection
Remote / Local File Inclusion Exploits
Rainbow Tables Explained
API Interception via DLL Redirection
Remote / Local File Inclusion Exploits
Rainbow Tables Explained

Implementing a Custom X86 Encoder

Undefined Behavior

Learning Perl - Writing Exploits

Hardening Windows NT [2K_ XP_ 2003]
-xp

Learn Information Gathering By Example

Bypassing Oracle dbms_assert
Playing with Digichat (Multiple Vulnerabilities)
Web Application Auditing and Exploitation
Playing with Digichat (Multiple Vulnerabilities)
Web Application Auditing and Exploitation

XSS Attacks FAQ

Trojan White Paper
Binary Protection Schemes
SQL Injection - Are your web applications vulnerable?
Advanced SQL Injection In SQL Server Applications
Binary Protection Schemes
SQL Injection - Are your web applications vulnerable?
Advanced SQL Injection In SQL Server Applications
The story of Exploiting kmalloc() Overflows
Into my ARMs (Developing StrongARM/Linux Shellcode)
Format String Vulnerability I & II
The story of Exploiting kmalloc() Overflows
Into my ARMs (Developing StrongARM/Linux Shellcode)
Format String Vulnerability I & II
Writing Behind a Buffer
Tutorial About Format Bugs
ARC: A Synchronous Stream Cipher from Hash
The Basics of Shellcoding
Web Forms and Untraceable DDoS Attacks
Practical SEH Exploitation
Writing Behind a Buffer
Tutorial About Format Bugs
ARC: A Synchronous Stream Cipher from Hash
The Basics of Shellcoding
Web Forms and Untraceable DDoS Attacks
Practical SEH Exploitation

PowerPC / OS X (Darwin) Shellcode Assembly

Steganography FAQ

The Voyage To 0Day Using the Metasploit Framework
WLSI Windows Local Shellcode Injection
Practical Windows and Linux Shellcode Design
WLSI Windows Local Shellcode Injection
Practical Windows and Linux Shellcode Design
Using XSS to bypass CSRF protection
Exploit Writing Tutorial Part 1 - Stack Based Overflows
Exploit Writing Tutorial Part 2 - Jump to Shellcode
Exploit Writing Tutorial Part 3 - SEH
Exploit Writing Tutorial Part 3b - SEH Based Exploits
Exploit Writing Tutorial Part 4 - From Exploit to Metasploit the Basics
Exploit Writing Tutorial Part 5 - Debugger Modules in Exploit Development
Exploit Writing Tutorial Part 6 - Bypassing Stack Cookies_ SAFESEH_ Hardware DEP and ASLR
Exploit Writing Tutorial Part 7 - Unicode_ from 0x00410041 to Calc
[Spanish] Remote Code Execution V1
Reverse Honey Trap - Striking Deep inside Online Web Antivirus Engines and Analyzers
[Portuguese] Smashing the Stack for Fun and Profit
[Portuguese] Linux Security Banners
Discovering and Exploiting a remote buffer overflow in an FTP server - PART 1
[Spanish] Importance of img Tags on Web Security
Using XSS to bypass CSRF protection
Exploit Writing Tutorial Part 1 - Stack Based Overflows
Exploit Writing Tutorial Part 2 - Jump to Shellcode
Exploit Writing Tutorial Part 3 - SEH
Exploit Writing Tutorial Part 3b - SEH Based Exploits
Exploit Writing Tutorial Part 4 - From Exploit to Metasploit the Basics
Exploit Writing Tutorial Part 5 - Debugger Modules in Exploit Development
-safeseh
-from-0x00410041-to-calc.pdf
[Spanish] Remote Code Execution V1
Reverse Honey Trap - Striking Deep inside Online Web Antivirus Engines and Analyzers
[Portuguese] Smashing the Stack for Fun and Profit
[Portuguese] Linux Security Banners
Discovering and Exploiting a remote buffer overflow in an FTP server - PART 1
[Spanish] Importance of img Tags on Web Security
Remote Exploitation
[German] Computer Virus Methods
[German] Cross Site Scripting
Remote Exploitation
[German] Computer Virus Methods
[German] Cross Site Scripting
[Arabic] Overflow Exploitation
[Persian] Common Attacks Against Wireless Networks - Part I
[Persian] Packet Sniffing
[Arabic] Overflow Exploitation
[Persian] Common Attacks Against Wireless Networks - Part I
[Persian] Packet Sniffing

[Portuguese] Exploiting Integer Array Overflows

Remote Buffer Overflow Exploits

SSL Sniffing
Blackboxes (with 0day)
Injection Techniques to Anti-Bypass
[Turkish] SynFlood DDOS Attacks and Prevention
Blackboxes (with 0day)
Injection Techniques to Anti-Bypass
[Turkish] SynFlood DDOS Attacks and Prevention
[Deutsch] Kryptographie - Die Magie der asymmetrischen Verschlüsselung
[Turkish] PHP RFI Prevention
[Deutsch] Kryptographie - Die Magie der asymmetrischen Verschlüsselung
[Turkish] PHP RFI Prevention

[Portuguese] - Tutorial Basico de Assembly - Linux/i386
[Spanish] PFD (Partial Function Disclosure)
Building your own UD-Shellcodes part-1
[Spanish] PFD (Partial Function Disclosure)
Building your own UD-Shellcodes part-1
[French] RIGHT TO LEFT OVERRIDE UNICODE CAN BE USED IN MULTIPLE SPOOFING CASES
The (in)security of Omegle - What Omegle users should know
RIGHT TO LEFT OVERRIDE UNICODE CAN BE USED IN MULTIPLE SPOOFING CASES
[Arabic] Fishing on Xss Way
[French] RIGHT TO LEFT OVERRIDE UNICODE CAN BE USED IN MULTIPLE SPOOFING CASES
The (in)security of Omegle - What Omegle users should know
RIGHT TO LEFT OVERRIDE UNICODE CAN BE USED IN MULTIPLE SPOOFING CASES
[Arabic] Fishing on Xss Way

Inyeccion SQL en MSSQL - HackTimes.com

[Spanish] PoisonHost with PowerPoint
Hacking Oracle from the Web: Exploiting SQL Injection from Web Applications
[Spanish] Wide WiFi Security
Hacking Oracle from the Web: Exploiting SQL Injection from Web Applications
[Spanish] Wide WiFi Security
Exploit Writing Tutorial Part 8 - Win32 Egg Hunting
Exploit Writing Tutorial Part 9 - Introduction to Win32 shellcoding
Exploit Writing Tutorial Part 8 - Win32 Egg Hunting
Exploit Writing Tutorial Part 9 - Introduction to Win32 shellcoding
MySQL Injection Using darkMySQLi.py
[Italian] Cross Application Scripting
[Italian] Cross Application Scripting Presentation at Security Summit 2010 Milan
MySQL Injection Using darkMySQLi.py
[Italian] Cross Application Scripting
[Italian] Cross Application Scripting Presentation at Security Summit 2010 Milan

Pwn20wn 2010 Windows 7 Internet Explorer 8 Exploit
[Turkish] Playing TCP/IP packets with Hping-I
[Turkish] Playing TCP/IP packets with Hping-II
[Turkish] Network Discovery and Port Scanninng with Hping
[Turkish] Playing TCP/IP packets with Hping-I
[Turkish] Playing TCP/IP packets with Hping-II
[Turkish] Network Discovery and Port Scanninng with Hping
[Hungarian] Using Aircrack-ng
[Spanish] Jugando con XSS
Writing Custom Encoders with no null Bytes
[Arabic] Protecting PHP applications from hacking 1
[Arabic] Protecting PHP applications from hacking 2
[Arabic] Basic Buffer overflow Exploitation
[Hungarian] Using Aircrack-ng
[Spanish] Jugando con XSS
Writing Custom Encoders with no null Bytes
[Arabic] Protecting PHP applications from hacking 1
[Arabic] Protecting PHP applications from hacking 2
[Arabic] Basic Buffer overflow Exploitation
MorningStar Security - Next Generation Web Scanning Presentation - public
Local File Inclusion
MorningStar Security - Next Generation Web Scanning Presentation - public
Local File Inclusion

Adobe Reader's Custom Memory Management: A Heap of Trouble
How-to:DNS Enumeration
Hash Collision Attack Vectors on the eD2k P2P Network
Flag Execution for Easy Local Privilege Escalation
Phishing - The Art of fooling End Users and Anti-Phishing (2-way Authentication System)
How-to:DNS Enumeration
Hash Collision Attack Vectors on the eD2k P2P Network
Flag Execution for Easy Local Privilege Escalation
Phishing - The Art of fooling End Users and Anti-Phishing (2-way Authentication System)
Easy Method:Blind SQL Injection
GDT & LDT in Windows kernel vulnerability Exploitation
Easy Method:Blind SQL Injection
GDT & LDT in Windows kernel vulnerability Exploitation
MySQL Session Hijacking over RFI
SQL Injection Filtering
Finding vulnerabilities of YaFtp 1.0.14 (a client-side FTP application)
Improve File Uploaders’ Protections – Bypass Methods- Rev. 1.0
[Arabic] Internet Explorer ActiveX Audit with ComRaider
[Persian] Introduction to CSRF Attack
The Sulley Framework: Basics
'Metasplizing' Convert an existing Exploit to MSF Module
MySQL Session Hijacking over RFI
SQL Injection Filtering
Finding vulnerabilities of YaFtp 1.0.14 (a client-side FTP application)
Improve File Uploaders’ Protections – Bypass Methods- Rev. 1.0
[Arabic] Internet Explorer ActiveX Audit with ComRaider
[Persian] Introduction to CSRF Attack
The Sulley Framework: Basics
'Metasplizing' Convert an existing Exploit to MSF Module
Bypassing DEP with WPM & ROP
[Turkish] DDos Attacks Analysis
Bypassing DEP with WPM & ROP
[Turkish] DDos Attacks Analysis
[French] HZV e-zine #1
[French] HZV e-zine #2
[French] HZV e-zine #3
[Hebrew] Digital Whisper Security Magazine #9
[Turkish] Bot Networks
Exploit writing tutorial part 10 : Chaining DEP with ROP – the Rubik’s[TM] Cube
[French] HZV e-zine #1
[French] HZV e-zine #2
[French] HZV e-zine #3
[Hebrew] Digital Whisper Security Magazine #9
[Turkish] Bot Networks
Exploit writing tutorial part 10 : Chaining DEP with ROP – the Rubik’s[TM] Cube
[Hebrew] Digital Whisper Security Magazine #1
[Hebrew] Digital Whisper Security Magazine #4
[Hebrew] Digital Whisper Security Magazine #6
[Hebrew] Digital Whisper Security Magazine #8
[Hebrew] Digital Whisper Security Magazine #2
[Hebrew] Digital Whisper Security Magazine #3
[Hebrew] Digital Whisper Security Magazine #5
[Hebrew] Digital Whisper Security Magazine #7
[Hebrew] Digital Whisper Security Magazine #1
[Hebrew] Digital Whisper Security Magazine #4
[Hebrew] Digital Whisper Security Magazine #6
[Hebrew] Digital Whisper Security Magazine #8
[Hebrew] Digital Whisper Security Magazine #2
[Hebrew] Digital Whisper Security Magazine #3
[Hebrew] Digital Whisper Security Magazine #5
[Hebrew] Digital Whisper Security Magazine #7

[Hebrew] Digital Whisper Security Magazine #10

[Hebrew] Digital Whisper Security Magazine #9
Cisco VoIP Phones - A Hackers Perspective
SQL Injection Tutorial
[Hebrew] Digital Whisper Security Magazine #11
Exploitation on ARM - Presentation
Exploitation on ARM - Whitepaper
[Persian] CRLF Injection Attacks
Cisco VoIP Phones - A Hackers Perspective
SQL Injection Tutorial
[Hebrew] Digital Whisper Security Magazine #11
Exploitation on ARM - Presentation
Exploitation on ARM - Whitepaper
[Persian] CRLF Injection Attacks
[Vietnamese] How to attack and fix Local File Disclosure
[Georgian] Metasploit_ Full Review
Injector Mask or A Tool
Exploiting Large Memory Management Vulnerabilities in Xorg Server Running on Linux
[Turkish] Binary Code Modification (Patching Vulnerabilities)
Cracking Salted Hashes
[Arabic] Paper Sniffer Password WireShark
[Arabic] Paper Introduction to Penetration Testing
DDoS Attacks explaination_ classification and suggested solutions
Binary Code Modification
[Vietnamese] How to attack and fix Local File Disclosure
-full-review.pdf
Injector Mask or A Tool
Exploiting Large Memory Management Vulnerabilities in Xorg Server Running on Linux
[Turkish] Binary Code Modification (Patching Vulnerabilities)
Cracking Salted Hashes
[Arabic] Paper Sniffer Password WireShark
[Arabic] Paper Introduction to Penetration Testing
-classification-and-suggested-solutions.pdf
Binary Code Modification

[Arabic] Encryption File Text (mcrypt packages)

[Arabic] DHCP Spoofing and Starvation
[Arabic] Advanced XSS
MOAUB #1 - Adobe Acrobat Reader / Flash Player - _newclass_ invalid pointer - Binary Analysis
MOAUB #1 - Cpanel - PHP Restriction Bypass Vulnerability 0day
[Arabic] Advanced XSS
MOAUB #1 - Adobe Acrobat Reader / Flash Player - _newclass_ invalid pointer - Binary Analysis
MOAUB #1 - Cpanel - PHP Restriction Bypass Vulnerability 0day
MOAUB #2 - Apple QuickTime - FlashPix NumberOfTiles Vulnerability - Binary Analysis
MOAUB #2 - rainbowportal - Multiple Vulnerabilities – 0day
MOAUB #3 - Visinia CMS - Multiple Vulnerabilities - 0day
MOAUB #3 - Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner - Binary Analysis
MOAUB #4 – Syndeocms 2.8.02 - Multiple Vulnerabilities - 0day
MOAUB #4 – Movie Maker - Remote Code Execution (MS10-016) - Binary Analysis
MOAUB #5 - Microsoft MPEG Layer-3 - Remote Command Execution - Binary Analysis
moaub #5 - ifnuke - Multiple Vulnerabilities 0day
[Arabic] What Do You Know About Steganography?
moaub #6 - Interphoto Gallery - Multiple Vulnerabilities - 0day
MOAUB #6 – HP OpenView NNM - webappmon execvp_nc Remote Code Execution - Binary Analysis
[Arabic] Paper Introduction What Is Sniffer
[Arabic] Paper Introduction WireLess Work
moaub #7 - dynpage <= 1.0 - Multiple Vulnerabilities (0day)
MOAUB #7 - Novell Netware - NWFTPD RMD/RNFR/DELE Argument Parsing Buffer overflow
moaub #8 – sirang web-based d-control - Multiple Vulnerabilities (0day)
MOAUB #8 - Microsoft Office Visio - .DXF File Stack based Overflow - Binary Analysis
MOAUB #9 - Mozilla Firefox - XSLT Sort Remote Code Execution Vulnerability
moaub #9 – festos cms 2.3b - Multiple Vulnerabilities
MOAUB #10 - Excel - RTD Memory Corruption
MOAUB #10 - aradblog - Multiple Vulnerabilities
[Spanish] Elliptic Curve Cryptography Anomalous Curves
[Arabic] Break the Encryption wep-psk in Wireless Networks
MOAUB #11 - ASP Nuke SQL Injection Vulnerability
MOAUB #11 - Microsoft Office Word 2007 - sprmCMajority Buffer Overflow
Hiding Your Data Inside the Padding Area of Files and Packets (steganography)
MOAUB #12 - eshtery CMS - SQL Injection Vulnerability
MOAUB #12 - Adobe Acrobat / Reader - _pushstring_ Memory Corruption
MOAUB #13 - Luftguitar CMS - Vulnerability: Upload Arbitrary File
MOAUB #13 - RealPlayer FLV - Parsing Integer Overflow
MOAUB #14 - FreeDiscussionForums 1.0 - Multiple Vulnerabilities
MOAUB #14 - Novell iPrint Client Browser Plugin - ExecuteRequest debug Parameter Stack Overflow
Forensics - Analyzing an Unknown Image (NTFS)
MOAUB #15 - Ipswitch Imail Server - List Mailer Reply-To Address Memory Corruption
MOAUB #15 - php microcms 1.0.1 - Multiple Vulnerabilities
[Brazilian] Exploring IP Fragmentation for Fun and Profit (POC)
MOAUB #16 - Mojoportal - Multiple Vulnerabilities
MOAUB #16 - Microsoft Excel - HFPicture Record Parsing Remote Code Execution Vulnerability
Smashing the stack in 2010
MOAUB #17 - Firefox Plugin Parameter - EnsureCachedAttrParamArrays Remote Code Execution
MOAUB #17 - phpmyfamily - Multiple Vulnerabilities
MOAUB #18 - Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability
MOAUB #18 - CMSimple - CSRF Vulnerability
MOAUB #19 - Novell iPrint Client Browser Plugin - call-back-url Stack Overflow
MOAUB #19 - jmd-cms - Multiple Vulnerabilities
[Vietnamese] Metasploit over the Internet
MOAUB #20 - Java CMM readMabCurveData Stack Overflow
MOAUB #20 - VWD-CMS - CSRF Vulnerability
MOAUB #21 - Microsoft Excel - WOPT Record Parsing Heap Memory Corruption
MOAUB #21 - Personal.Net Portal - Multiple Vulnerabilities
MOAUB #22 - Adobe Shockwave - Director tSAC Chunk Memory Corruption
MOAUB #22 - gausCMS - Multiple Vulnerabilities
[Turkish] Binary Analysis Example
MOAUB #23 - Adobe Acrobat Reader / Flash - 'newfunction' Remote Code Execution Vulnerability
MOAUB #23 - Microsoft Excel - HFPicture Record Parsing Memory Corruption (0day)
MOAUB #24 - Microsoft Excel - OBJ Record Stack Overflow
MOAUB #24 - Microsoft MPEG Layer-3 Audio Decoder - Division By Zero
MOAUB #26 - Microsoft Cinepak Codec - CVDecompress Heap Overflow
MOAUB #25 - Mozilla Firefox - CSS font-face Remote Code Execution Vulnerability
MOAUB #25 - VisualSite CMS 1.3 - Multiple Vulnerabilities
MOAUB #2 - Apple QuickTime - FlashPix NumberOfTiles Vulnerability - Binary Analysis
MOAUB #2 - rainbowportal - Multiple Vulnerabilities – 0day
MOAUB #3 - Visinia CMS - Multiple Vulnerabilities - 0day
MOAUB #3 - Trend Micro Internet Security Pro 2010 - ActiveX extSetOwner - Binary Analysis
MOAUB #4 – Syndeocms 2.8.02 - Multiple Vulnerabilities - 0day
MOAUB #4 – Movie Maker - Remote Code Execution (MS10-016) - Binary Analysis
MOAUB #5 - Microsoft MPEG Layer-3 - Remote Command Execution - Binary Analysis
moaub #5 - ifnuke - Multiple Vulnerabilities 0day
[Arabic] What Do You Know About Steganography?
moaub #6 - Interphoto Gallery - Multiple Vulnerabilities - 0day
MOAUB #6 – HP OpenView NNM - webappmon execvp_nc Remote Code Execution - Binary Analysis
[Arabic] Paper Introduction What Is Sniffer
[Arabic] Paper Introduction WireLess Work
moaub #7 - dynpage <= 1.0 - Multiple Vulnerabilities (0day)
MOAUB #7 - Novell Netware - NWFTPD RMD/RNFR/DELE Argument Parsing Buffer overflow
moaub #8 – sirang web-based d-control - Multiple Vulnerabilities (0day)
MOAUB #8 - Microsoft Office Visio - .DXF File Stack based Overflow - Binary Analysis
MOAUB #9 - Mozilla Firefox - XSLT Sort Remote Code Execution Vulnerability
moaub #9 – festos cms 2.3b - Multiple Vulnerabilities
MOAUB #10 - Excel - RTD Memory Corruption
MOAUB #10 - aradblog - Multiple Vulnerabilities
[Spanish] Elliptic Curve Cryptography Anomalous Curves
[Arabic] Break the Encryption wep-psk in Wireless Networks
MOAUB #11 - ASP Nuke SQL Injection Vulnerability
MOAUB #11 - Microsoft Office Word 2007 - sprmCMajority Buffer Overflow
Hiding Your Data Inside the Padding Area of Files and Packets (steganography)
MOAUB #12 - eshtery CMS - SQL Injection Vulnerability
MOAUB #12 - Adobe Acrobat / Reader - _pushstring_ Memory Corruption
MOAUB #13 - Luftguitar CMS - Vulnerability: Upload Arbitrary File
MOAUB #13 - RealPlayer FLV - Parsing Integer Overflow
MOAUB #14 - FreeDiscussionForums 1.0 - Multiple Vulnerabilities
MOAUB #14 - Novell iPrint Client Browser Plugin - ExecuteRequest debug Parameter Stack Overflow
Forensics - Analyzing an Unknown Image (NTFS)
MOAUB #15 - Ipswitch Imail Server - List Mailer Reply-To Address Memory Corruption
MOAUB #15 - php microcms 1.0.1 - Multiple Vulnerabilities
[Brazilian] Exploring IP Fragmentation for Fun and Profit (POC)
MOAUB #16 - Mojoportal - Multiple Vulnerabilities
MOAUB #16 - Microsoft Excel - HFPicture Record Parsing Remote Code Execution Vulnerability
Smashing the stack in 2010
MOAUB #17 - Firefox Plugin Parameter - EnsureCachedAttrParamArrays Remote Code Execution
MOAUB #17 - phpmyfamily - Multiple Vulnerabilities
MOAUB #18 - Apple QuickTime FLI LinePacket Remote Code Execution Vulnerability
MOAUB #18 - CMSimple - CSRF Vulnerability
MOAUB #19 - Novell iPrint Client Browser Plugin - call-back-url Stack Overflow
MOAUB #19 - jmd-cms - Multiple Vulnerabilities
[Vietnamese] Metasploit over the Internet
MOAUB #20 - Java CMM readMabCurveData Stack Overflow
MOAUB #20 - VWD-CMS - CSRF Vulnerability
MOAUB #21 - Microsoft Excel - WOPT Record Parsing Heap Memory Corruption
MOAUB #21 - Personal.Net Portal - Multiple Vulnerabilities
MOAUB #22 - Adobe Shockwave - Director tSAC Chunk Memory Corruption
MOAUB #22 - gausCMS - Multiple Vulnerabilities
[Turkish] Binary Analysis Example
MOAUB #23 - Adobe Acrobat Reader / Flash - 'newfunction' Remote Code Execution Vulnerability
MOAUB #23 - Microsoft Excel - HFPicture Record Parsing Memory Corruption (0day)
MOAUB #24 - Microsoft Excel - OBJ Record Stack Overflow
MOAUB #24 - Microsoft MPEG Layer-3 Audio Decoder - Division By Zero
MOAUB #26 - Microsoft Cinepak Codec - CVDecompress Heap Overflow
MOAUB #25 - Mozilla Firefox - CSS font-face Remote Code Execution Vulnerability
MOAUB #25 - VisualSite CMS 1.3 - Multiple Vulnerabilities
MOAUB #26 - Zenphoto - Config Update / Command Execution
MOAUB #27 - Microsoft Internet Explorer - MSHTML Findtext Processing Issue
MOAUB #27 - ndCMS - SQL Injection Vulnerability
[German] Paper: DDoS Schutz - Abwehr von DDoS Attacken
Practical Padding Oracle Attacks
MOAUB #28 - AtomatiCMS - Upload Arbitrary File Vulnerability
MOAUB #28 - JE CMS 1.0.0 - Bypass Authentication by SQL Injection Vulnerability
MOAUB #29 - Microsoft Excel - SxView Record Parsing Heap Memory Corruption
MOAUB #30 - Microsoft Unicode Scripts Processor - Remote Code Execution
MOAUB #30 - ASPMass Shopping Cart - Vulnerability File Upload CSRF
[Portuguese] Criar Exploits Para o Windows com a Ajuda da Metasploit Framework
[Arabic] Intro to Metasploit
[Portuguese] Introdução ao Metasploit
Hexinject introduction guide
[Hebrew] Digital Whisper Security Magazine #13
[Iranian] My SQL Injection
[French] 50-1337 Magazine
[Italian] Buffer Overflow
In Memory Fuzzing: Real Time Input Tracing & Fuzzing
MOAUB #26 - Zenphoto - Config Update / Command Execution
MOAUB #27 - Microsoft Internet Explorer - MSHTML Findtext Processing Issue
MOAUB #27 - ndCMS - SQL Injection Vulnerability
[German] Paper: DDoS Schutz - Abwehr von DDoS Attacken
Practical Padding Oracle Attacks
MOAUB #28 - AtomatiCMS - Upload Arbitrary File Vulnerability
MOAUB #28 - JE CMS 1.0.0 - Bypass Authentication by SQL Injection Vulnerability
MOAUB #29 - Microsoft Excel - SxView Record Parsing Heap Memory Corruption
MOAUB #30 - Microsoft Unicode Scripts Processor - Remote Code Execution
MOAUB #30 - ASPMass Shopping Cart - Vulnerability File Upload CSRF
[Portuguese] Criar Exploits Para o Windows com a Ajuda da Metasploit Framework
[Arabic] Intro to Metasploit
[Portuguese] Introdução ao Metasploit
Hexinject introduction guide
[Hebrew] Digital Whisper Security Magazine #13
[Iranian] My SQL Injection
[French] 50-1337 Magazine
[Italian] Buffer Overflow
In Memory Fuzzing: Real Time Input Tracing & Fuzzing
Software Fuzzing with Wireplay
Intelligent Debugging and In Memory Fuzzing
No More Signatures: Defending Web Applications from 0Day Attacks with ModProfiler Using Traffic Profiling
DTrace - Applied Reverse Engineering on OSX
Weaponizing Wireless Networks: An Attack Tool for Launching Attacks against Sensor Networks
Breaking the _Unbreakable_ Oracle with Metasploit
Binding the Daemon: FreeBSD Kernel Stack and Heap Exploitation
Hijacking Web 2.0 Sites with SSLstrip—Hands-on Training
Bypassing SEHOP
[Hebrew] Digital Whisper Security Magazine #14
[Arabic] Exploit Writing - Stack Overflows
Software Fuzzing with Wireplay
Intelligent Debugging and In Memory Fuzzing
No More Signatures: Defending Web Applications from 0Day Attacks with ModProfiler Using Traffic Profiling
DTrace - Applied Reverse Engineering on OSX
Weaponizing Wireless Networks: An Attack Tool for Launching Attacks against Sensor Networks
Breaking the _Unbreakable_ Oracle with Metasploit
Binding the Daemon: FreeBSD Kernel Stack and Heap Exploitation
Hijacking Web 2.0 Sites with SSLstrip—Hands-on Training
Bypassing SEHOP
[Hebrew] Digital Whisper Security Magazine #14
[Arabic] Exploit Writing - Stack Overflows
[Italian] Full Path Disclosure and Remote SQL Command Execution
Trend Micro DLP 5.2 Data Leakage
Token Hijacking with XSS
Microsoft SQL Server Passwords
Exploiting and Protecting Oracle
SHODAN for DNS Information Gathering
Bypassing Export Address Table Filters
Exploiting Stack Overflows in the Linux Kernel
[Italian] Full Path Disclosure and Remote SQL Command Execution
Trend Micro DLP 5.2 Data Leakage
Token Hijacking with XSS
Microsoft SQL Server Passwords
Exploiting and Protecting Oracle
SHODAN for DNS Information Gathering
Bypassing Export Address Table Filters
Exploiting Stack Overflows in the Linux Kernel
Microsoft Windows SAM Processing Flaw - Persistent Administrative Access PoC
Escaping from Microsoft’s Protected Mode Internet Explorer
[Spanish] INTO OUTFILE explanation of SQL Injection
[Turkish] PDF Malware Analysis
AEG: Automatic Exploit Generation
Microsoft Windows SAM Processing Flaw - Persistent Administrative Access PoC
Escaping from Microsoft’s Protected Mode Internet Explorer
[Spanish] INTO OUTFILE explanation of SQL Injection
[Turkish] PDF Malware Analysis
AEG: Automatic Exploit Generation

Heap Taichi: Exploiting Memory Allocation Granularity in Heap-Spraying Attacks

Bypassing a Cisco IOS Firewall
[Kurdish] SQL Injection Attacks
[Hebrew] Digital Whisper Security Magazine #16
[Kurdish] SQL Injection Attacks
[Hebrew] Digital Whisper Security Magazine #16
[Hebrew] Digital Whisper Security Magazine #12
[Hebrew] Digital Whisper Security Magazine #13
[Hebrew] Digital Whisper Security Magazine #15
Windows Thumbnail Buffer Overflow: A Vulnerability in My Heart
[Hebrew] Digital Whisper Security Magazine #12
[Hebrew] Digital Whisper Security Magazine #13
[Hebrew] Digital Whisper Security Magazine #15
Windows Thumbnail Buffer Overflow: A Vulnerability in My Heart
Evolutionary Fuzzing
Bypassing Browser Memory Protections
The evil karmetasploit upgrade
Oracle_ Interrupted: Stealing Sessions and Credentials
Neurosurgery With Meterpreter
Attacking Oracle Web Applications with Metasploit
Router Exploitation
Remote Library Injection
Metasploit’s Meterprerter
Metasploit Framework Telephony
Hackproofing Lotus Domino Web Server
Windows Access Tokens – A Penetration Tester’s Guide
Advanced SQL Injection Exploitation to Operating System Full Control
SAP Penetration Testing
State of the Art Post Exploitation in Hardened PHP Environments
Advanced MySQL Exploitation
Evolutionary Fuzzing
Bypassing Browser Memory Protections
The evil karmetasploit upgrade
-interrupted-stealing-sessions-and-credentials.pdf
Neurosurgery With Meterpreter
Attacking Oracle Web Applications with Metasploit
Router Exploitation
Remote Library Injection
Metasploit’s Meterprerter
Metasploit Framework Telephony
Hackproofing Lotus Domino Web Server
Windows Access Tokens – A Penetration Tester’s Guide
Advanced SQL Injection Exploitation to Operating System Full Control
SAP Penetration Testing
State of the Art Post Exploitation in Hardened PHP Environments
Advanced MySQL Exploitation
Heap Overflow For Humans - 101
Exploiting the otherwise non-exploitable
Heap Overflow For Humans - 101
Exploiting the otherwise non-exploitable
The Abuse of ASSOC Explained
Linux Exploit Development Part 3 (Rev 2) - Real App Demo ret2libc
XSS Street-Fight: The Only Rule Is There Are No Rules
Non-Executable Stack ARM Exploitation
The Apple Sandbox
Kernel Pool Exploitation on Windows 7
[Iranian] ASP Hacking Methods
Attacking Server Side XML Parsers
Antivirus Firewall Evasion Techniques Evolution of Download Deploy Shellcode
Effectiveness of Antivirus in Detecting Web Application Backdoors
The Abuse of ASSOC Explained
Linux Exploit Development Part 3 (Rev 2) - Real App Demo ret2libc
XSS Street-Fight: The Only Rule Is There Are No Rules
Non-Executable Stack ARM Exploitation
The Apple Sandbox
Kernel Pool Exploitation on Windows 7
[Iranian] ASP Hacking Methods
Attacking Server Side XML Parsers
Antivirus Firewall Evasion Techniques Evolution of Download Deploy Shellcode
Effectiveness of Antivirus in Detecting Web Application Backdoors
[Macedonian] The Metasploit Framework
Stack Overflow: Automatic write() discovery
[Indonesian] Praktek Stack Buffer Overflow
[Hebrew] Digital Whisper Security Magazine #17
Exploit Development Made Easy with !pvefindaddr
[Indonesian] Code Reborn (eZine)
Exploiting the otherwise non-exploitable: Windows kernel-mode GS Cookies subverted
Access denied - A guide for breakers
Exploiting ARM Linux systems
Forgotten World: Corporate Business Application Systems
Penetration Testing Biometrics Systems
[Portuguese] Heap Spray Attack
15 First Dates With Assembly Programming
The Beginners Guide to XSS
Reversing Basics - A Practical Approach [tutorial]
[Macedonian] The Metasploit Framework
Stack Overflow: Automatic write() discovery
[Indonesian] Praktek Stack Buffer Overflow
[Hebrew] Digital Whisper Security Magazine #17
Exploit Development Made Easy with !pvefindaddr
[Indonesian] Code Reborn (eZine)
Exploiting the otherwise non-exploitable: Windows kernel-mode GS Cookies subverted
Access denied - A guide for breakers
Exploiting ARM Linux systems
Forgotten World: Corporate Business Application Systems
Penetration Testing Biometrics Systems
[Portuguese] Heap Spray Attack
15 First Dates With Assembly Programming
The Beginners Guide to XSS
Reversing Basics - A Practical Approach [tutorial]
Windows 7/2008 Event Log Forensic and Reversing Analysis
Linux Exploit Development Part 1 - Stack Overflow
PHP LFI to Arbitrary Code Execution via rfc1867 File Upload Temporary Files
Exploitation of _Self-Only_ XSS in Google Code
Linux Exploit Writing Tutorial Part 2 - Stack Overflow ASLR bypass Using ret2reg
Windows 7/2008 Event Log Forensic and Reversing Analysis
Linux Exploit Development Part 1 - Stack Overflow
PHP LFI to Arbitrary Code Execution via rfc1867 File Upload Temporary Files
Exploitation of _Self-Only_ XSS in Google Code
Linux Exploit Writing Tutorial Part 2 - Stack Overflow ASLR bypass Using ret2reg
Manual Shellcode
Bypassing Anti-Virus Scanners
Hacking the Skiddies
Manual Shellcode
Bypassing Anti-Virus Scanners
Hacking the Skiddies
Linux Exploit Development Part 3 - ret2libc
Linux Exploit Development Part 2 (Rev 2) - Real App Demo
Linux Exploit Development Part 3 - ret2libc
Linux Exploit Development Part 2 (Rev 2) - Real App Demo
[Persian] ‫‪Introduction to Man-in-the-middle Attacks‬‬
[Persian] Null Bind Attacks
Understanding the heap by breaking it
Connection String Parameter Pollution Attacks
WPA Too!
Token Kidnapping's Revenge
Attacks to SAP Web Applications
Attacking with HTML5
Dangling Pointer
Fuzzing Frameworks
Remote and Local Exploitation of Network Drivers
VoIP Security - Methodology and Results
[Hebrew] Digital Whisper Security Magazine #18
[Hebrew] Digital Whisper Security Magazine #19
[Hebrew] Digital Whisper Security Magazine #20
Linux Exploit Development Part 4 - ASCII armor bypass return-to-plt
The Underground in 2011
Reverse Engineering and Memory Patching
[Arabic] The Art Of Information Gathering/Footprinting [PDF]
Blind SQL Injection with Regular Expressions Attack
Penetration Testing with Metasploit Framework
A Simpler Way of Finding 0day
The Arashi (A.K.A Storm)
[Arabic] exploring and patching of [Cross site scripting - XSS ] gap
Defeating Data Execution Prevention and ASLR in Windows XP SP3
Structured Exception Handler Exploitation
Become fully aware of the potential dangers of ActiveX attacks
A New CVE-2015-0057 Exploit Technology
[Hebrew] Digital Whisper Security Magazine #22
Http Parameter Contamination (HPC) Attack / Research Paper
Automated Web Application Fingerprinting
What is a vulnerability assessment
Owning WD TV Live HUB (Go to Root...)
[Persian] ‫‪Introduction to Man-in-the-middle Attacks‬‬
[Persian] Null Bind Attacks
Understanding the heap by breaking it
Connection String Parameter Pollution Attacks
WPA Too!
Token Kidnapping's Revenge
Attacks to SAP Web Applications
Attacking with HTML5
Dangling Pointer
Fuzzing Frameworks
Remote and Local Exploitation of Network Drivers
VoIP Security - Methodology and Results
[Hebrew] Digital Whisper Security Magazine #18
[Hebrew] Digital Whisper Security Magazine #19
[Hebrew] Digital Whisper Security Magazine #20
Linux Exploit Development Part 4 - ASCII armor bypass return-to-plt
The Underground in 2011
Reverse Engineering and Memory Patching
[Arabic] The Art Of Information Gathering/Footprinting [PDF]
Blind SQL Injection with Regular Expressions Attack
Penetration Testing with Metasploit Framework
A Simpler Way of Finding 0day
The Arashi (A.K.A Storm)
[Arabic] exploring and patching of [Cross site scripting - XSS ] gap
Defeating Data Execution Prevention and ASLR in Windows XP SP3
Structured Exception Handler Exploitation
Become fully aware of the potential dangers of ActiveX attacks
A New CVE-2015-0057 Exploit Technology
[Hebrew] Digital Whisper Security Magazine #22
Http Parameter Contamination (HPC) Attack / Research Paper
Automated Web Application Fingerprinting
What is a vulnerability assessment
Owning WD TV Live HUB (Go to Root...)
[Turkish] Return-oriented Programming / DEP Bypass
[Hebrew] Digital Whisper Security Magazine #23
[Arabic] Exploring and Patching File Inclusion Vulnerabilities
[Indonesian] Intro To Hack Basic #1
[Turkish] Return-oriented Programming / DEP Bypass
[Hebrew] Digital Whisper Security Magazine #23
[Arabic] Exploring and Patching File Inclusion Vulnerabilities
[Indonesian] Intro To Hack Basic #1
[Spanish] Asaltando redes wifi
[Spanish] Jugando en la red
Userland Hooking in Windows
Microsoft Patch Analysis
Social Engineering Toolkit
Demystifying the Android Malware
[Spanish] Asaltando redes wifi
[Spanish] Jugando en la red
Userland Hooking in Windows
Microsoft Patch Analysis
Social Engineering Toolkit
Demystifying the Android Malware

Bypassing PHPIDS 0.6.5

[Hebrew] Digital Whisper Security Magazine #24
Recursive Stack Overflows
LFI With PHPInfo Assistance
Inline Hooking in Windows
[indonesian] Devilzc0de E-Magazine #3
Top Five ColdFusion Security Issues
Bypassing IE's XSS Filter
Clickjacking for Shells
Hacking your Droid
Embedding the Payload
Busting Windows With Backtrack 5 R1 & Metasploit Framework 4.0
Frontal Attacks - From Basic Compromise to Advanced Persistent Threat
Spying on Internet Explorer 8.0
Bypassing ASLR/DEP
JBoss Exploitation
Wireless Hacking & Wireless Security
[Hebrew] Digital Whisper Security Magazine #25
Recursive Stack Overflows
LFI With PHPInfo Assistance
Inline Hooking in Windows
[Indonesian] Devilzc0de E-Magazine #3
Top Five ColdFusion Security Issues
Bypassing IE's XSS Filter
Clickjacking for Shells
Hacking your Droid
Embedding the Payload
Busting Windows With Backtrack 5 R1 & Metasploit Framework 4.0
Frontal Attacks - From Basic Compromise to Advanced Persistent Threat
Spying on Internet Explorer 8.0
Bypassing ASLR/DEP
JBoss Exploitation
Wireless Hacking & Wireless Security
[Hebrew] Digital Whisper Security Magazine #25
[French] Le sidejacking avec pycookiejsinject
Buffer Overflow Exploitation SEH
Evading Antimalware Engines via Assembly Ghostwriting
SCADA and PLC Vulnerabilities in Correctional Facilities
Security Issues in Android Custom ROM
Skype Software Vulnerabilities - 0Day Exploitation 2011
[Turkish] Heap_ Overflows and Exploiting
[Hebrew] Digital Whisper Security Magazine #26
[French] Le sidejacking avec pycookiejsinject
Buffer Overflow Exploitation SEH
Evading Antimalware Engines via Assembly Ghostwriting
SCADA and PLC Vulnerabilities in Correctional Facilities
Security Issues in Android Custom ROM
Skype Software Vulnerabilities - 0Day Exploitation 2011
-overflows-and-exploiting.pdf
[Hebrew] Digital Whisper Security Magazine #26
Hacking Embedded Devices For Fun & Profit
Social Engineering - The Human Factor
Paper: Enumerating and Breaking VoIP
[Spanish] #breaking80211
[Turkish] Jynx Rootkit Analysis
Hacking Embedded Devices For Fun & Profit
Social Engineering - The Human Factor
Paper: Enumerating and Breaking VoIP
[Spanish] #breaking80211
[Turkish] Jynx Rootkit Analysis
[Hebrew] Digital Whisper Security Magazine #27
A bit away from Kernel execution
White Paper: Using Google as Malware Spreading Technique
web backdoors evasion detection
[Spanish] Hacking dispositivos iOS (iPhone_ iPod_ iPad)
White Paper : Post Exploitation Using Meterpreter
Active Domain Offline Hash Dump & Forensic Analysis
The Tor Project: Authority _No Check_ Weakness
White Paper- An analysis of a spam Exploited through browser add-ons in Facebook
Paper on Crypter(Unprotecting the Crypter)
Armitage - Hacking Made Easy Part 1
[Hebrew] Digital Whisper Security Magazine #27
A bit away from Kernel execution
White Paper: Using Google as Malware Spreading Technique
web backdoors evasion detection
-ipod
White Paper : Post Exploitation Using Meterpreter
Active Domain Offline Hash Dump & Forensic Analysis
The Tor Project: Authority _No Check_ Weakness
White Paper- An analysis of a spam Exploited through browser add-ons in Facebook
Paper on Crypter(Unprotecting the Crypter)
Armitage - Hacking Made Easy Part 1
[Hebrew] Digital Whisper Security Magazine #28
[Turkish] Linux 2011 Kernel Hooking And Coding Root Exploits
Buffer Overflows: Anatomy of an Exploit
Malware Reverse Engineering Part 1 - Static Analysis
iPhone Forensics on iOS 5
A Backdoor in the Next Generation Active Directory
[Spanish] El fingerprinting dentro de la seguridad web
[Hebrew] Digital Whisper Security Magazine #29
[Hebrew] Digital Whisper Security Magazine #28
[Turkish] Linux 2011 Kernel Hooking And Coding Root Exploits
Buffer Overflows: Anatomy of an Exploit
Malware Reverse Engineering Part 1 - Static Analysis
iPhone Forensics on iOS 5
A Backdoor in the Next Generation Active Directory
[Spanish] El fingerprinting dentro de la seguridad web
[Hebrew] Digital Whisper Security Magazine #29
[Turkish] DoS/DDoS Attacks Agains DNS
[Turkish] Analysis of a Browser Exploit
[Turkish] Shell Code Injection To Proccess
Egg Hunter - A Twist in Buffer Overflow
Wi-Fi Security with Wi-Fi Protection Plus
[Portuguese] DNS Spoofing
[Turkish] DoS/DDoS Attacks Agains DNS
[Turkish] Analysis of a Browser Exploit
[Turkish] Shell Code Injection To Proccess
Egg Hunter - A Twist in Buffer Overflow
Wi-Fi Security with Wi-Fi Protection Plus
[Portuguese] DNS Spoofing
Metasploit: Low Level View
[Spanish] Introduction to Reverse Engineering
Deep Dive Into OS Internals with Windbg
printf() tricks
XSS worm writeup
Covert Channel over ICMP
[Spanish] Paper: Information Gathering
[Portuguese] Passos para o pentest basico - Basic pentest Steps by n4sss
[Arabic] Exploring and Patching Remote File Disclosure Vulnerabilities
Analyzing WordPress Themes
Bypassing tolower() filters in buffer overflows
[Hebrew] Digital Whisper Security Magazine #30
MS11-046 - Dissecting a 0day
Address Space Layout Randomization
JavaScript Deobfuscation - A Manual Approach
Reverse Engineering Malware Part 1
[French] Pas Pas Vers L'Assembleur
iOS Application (In)Security
Complete Cross-site Scripting Walkthrough
[Hebrew] Digital Whisper Security Magazine #31
Hyperion: Implementation of a PE Crypter
Uncovering Zero-Days and Advanced Fuzzing - Slides
Uncovering Zero-Days and Advanced Fuzzing - Notes
Breaking The Crypt - Advanced Hash Cracking
Metasploit: Low Level View
[Spanish] Introduction to Reverse Engineering
Deep Dive Into OS Internals with Windbg
printf() tricks
XSS worm writeup
Covert Channel over ICMP
[Spanish] Paper: Information Gathering
[Portuguese] Passos para o pentest basico - Basic pentest Steps by n4sss
[Arabic] Exploring and Patching Remote File Disclosure Vulnerabilities
Analyzing WordPress Themes
Bypassing tolower() filters in buffer overflows
[Hebrew] Digital Whisper Security Magazine #30
MS11-046 - Dissecting a 0day
Address Space Layout Randomization
JavaScript Deobfuscation - A Manual Approach
Reverse Engineering Malware Part 1
[French] Pas Pas Vers L'Assembleur
iOS Application (In)Security
Complete Cross-site Scripting Walkthrough
[Hebrew] Digital Whisper Security Magazine #31
Hyperion: Implementation of a PE Crypter
Uncovering Zero-Days and Advanced Fuzzing - Slides
Uncovering Zero-Days and Advanced Fuzzing - Notes
Breaking The Crypt - Advanced Hash Cracking
[Hebrew] Digital Whisper Security Magazine #32
Insecurity of Poorly Designed Remote File Inclusion Vulnerabilities: Pt 1
[Hebrew] Digital Whisper Security Magazine #32
Insecurity of Poorly Designed Remote File Inclusion Vulnerabilities: Pt 1
Deactivating Endpoint Protection Software in an Unauthorized Manner (Revisited)
[Turkish] Web Application Security #101
[Turkish] Source Code Analysis at Web Applications - I
Insecurity of Poorly Designed Remote File Inclusion Payloads - Part 2
Proper Hashing Methods
Microsoft IIS Tilde Character Short File/Folder Name Disclosure
CVE 2012-1889 Microsoft XML Core Services Uninitialized Memory Vulnerability
Transferable State Attack on Iterated Hashing Functions
Hack Box with DotDotPwn Directory Traversal Fuzzer
Forensic Analysis of iOS5 iPhone Backups
Having Fun With VirusScan Enterprise
CVE-2012-1889: Security Update Analysis
2012-1889 Technical Analysis Report
[Hebrew] Digital Whisper Security Magazine #33
Bypassing Spam Filters Using Homographs
[Hebrew] Digital Whisper Security Magazine #34
Whitepaper: Bypassing Antivirus with a Sharp Syringe
[Spanish] Taller de Inyecciones LDAP
[Turkish] Web Application Security and Secure Coding 101
Sage 50 Payroll 2012 Password Bypass Local Software Exploit
[Arabic] - Internet Explorer MSXML (MS12-043)
DNS-Based Phishing Attack in Public Hotspots
Shellcoding in Linux
[Hebrew] Digital Whisper Security Magazine #35
CVE-2012-4969 Technical Analysis Report
How to Use PyDbg as a Powerful Multitasking Debugger
[Arabic] First Step To Find Vulnerabilities
Detecting and Exploiting XSS Vulnerabilities with Xenotix XSS Exploit Framework
[Turkish] Introduction to ARM Exploitation
CVE-2012-4681 Technical Analysis Report
Deactivating Endpoint Protection Software in an Unauthorized Manner (Revisited)
[Turkish] Web Application Security #101
[Turkish] Source Code Analysis at Web Applications - I
Insecurity of Poorly Designed Remote File Inclusion Payloads - Part 2
Proper Hashing Methods
Microsoft IIS Tilde Character Short File/Folder Name Disclosure
CVE 2012-1889 Microsoft XML Core Services Uninitialized Memory Vulnerability
Transferable State Attack on Iterated Hashing Functions
Hack Box with DotDotPwn Directory Traversal Fuzzer
Forensic Analysis of iOS5 iPhone Backups
Having Fun With VirusScan Enterprise
CVE-2012-1889: Security Update Analysis
2012-1889 Technical Analysis Report
[Hebrew] Digital Whisper Security Magazine #33
Bypassing Spam Filters Using Homographs
[Hebrew] Digital Whisper Security Magazine #34
Whitepaper: Bypassing Antivirus with a Sharp Syringe
[Spanish] Taller de Inyecciones LDAP
[Turkish] Web Application Security and Secure Coding 101
Sage 50 Payroll 2012 Password Bypass Local Software Exploit
[Arabic] - Internet Explorer MSXML (MS12-043)
DNS-Based Phishing Attack in Public Hotspots
Shellcoding in Linux
[Hebrew] Digital Whisper Security Magazine #35
CVE-2012-4969 Technical Analysis Report
How to Use PyDbg as a Powerful Multitasking Debugger
[Arabic] First Step To Find Vulnerabilities
Detecting and Exploiting XSS Vulnerabilities with Xenotix XSS Exploit Framework
[Turkish] Introduction to ARM Exploitation
CVE-2012-4681 Technical Analysis Report
[Turkish] XSS Exploitation via CHEF
[Hebrew] Digital Whisper Security Magazine #36
A Pentester's Guide to Hacking OData
CVE-2012-1535: Adobe Flash Player Integer Overflow Analysis
Steam Browser Protocol Insecurity
Whitepaper : Exploiting Transparent User Identification
Bypassing AvastSandBox Using Alternate Data Streaming
[Hebrew] Digital Whisper Security Magazine #37
Checkpoint/SofaWare Firewall Vulnerability Research
Sophail: Applied attacks against Sophos Antivirus
[Spanish] Software Exploitation
Guidelines for Pentesting a Joomla Based Site
[Turkish] Network Penetration Testing 101
[Spanish] Penetration Testing - Analisis Web - Evaluacion de Vulnerabilidades - Explotacion
[Turkish] XSS Exploitation via CHEF
[Hebrew] Digital Whisper Security Magazine #36
A Pentester's Guide to Hacking OData
CVE-2012-1535: Adobe Flash Player Integer Overflow Analysis
Steam Browser Protocol Insecurity
Whitepaper : Exploiting Transparent User Identification
Bypassing AvastSandBox Using Alternate Data Streaming
[Hebrew] Digital Whisper Security Magazine #37
Checkpoint/SofaWare Firewall Vulnerability Research
Sophail: Applied attacks against Sophos Antivirus
[Spanish] Software Exploitation
Guidelines for Pentesting a Joomla Based Site
[Turkish] Network Penetration Testing 101
[Spanish] Penetration Testing - Analisis Web - Evaluacion de Vulnerabilidades - Explotacion
CVE-2012-5076 Technical Analysis Report
Reversing & Malware Analysis Training Articles
CVE-2012-5076 Technical Analysis Report
Reversing & Malware Analysis Training Articles
Ideas of advanced runtime Encryption of .NET Executables
In-Memory Fuzzing with Java
Ideas of advanced runtime Encryption of .NET Executables
In-Memory Fuzzing with Java
Analyzing Near Field Communication (NFC) Security
[Hebrew] Digital Whisper Security Magazine #38
[Turkish] Introduction to ARM Exploiting on Linux
[Spanish] Hashcat Manual de Usuario
Analyzing Near Field Communication (NFC) Security
[Hebrew] Digital Whisper Security Magazine #38
[Turkish] Introduction to ARM Exploiting on Linux
[Spanish] Hashcat Manual de Usuario
DOMSDAY - Analyzing a Dom-Based XSS in Yahoo!
[Turkish] Pen-Tester's Guide for Metasploit Framework
Detecting System Intrusions
[Hebrew] Digital Whisper Security Magazine #39
Manipulating Memory for Fun & Profit
A Short Guide on ARM Exploitation
CloudFlare vs Incapsula vs ModSecurity
Abusing_ Exploiting and Pwning with Firefox Add-ons
From Write to root on AIX
Story of a Client-Side Attack
[Hebrew] Digital Whisper Security Magazine #40
Post XSS Exploitation: Advanced Attacks and Remedies
[Turkish] - Local File inclusion
Hacking Trust Relationships Between SIP Gateways
[Spanish] Wireless Network Security
CUDA Cracking
Novell GroupWise Untrusted Pointer Dereference Exploitation
[Hebrew] Digital Whisper Security Magazine #41
DOMSDAY - Analyzing a Dom-Based XSS in Yahoo!
[Turkish] Pen-Tester's Guide for Metasploit Framework
Detecting System Intrusions
[Hebrew] Digital Whisper Security Magazine #39
Manipulating Memory for Fun & Profit
A Short Guide on ARM Exploitation
CloudFlare vs Incapsula vs ModSecurity
-exploiting-and-pwning-with-firefox-add-ons.pdf
From Write to root on AIX
Story of a Client-Side Attack
[Hebrew] Digital Whisper Security Magazine #40
Post XSS Exploitation: Advanced Attacks and Remedies
[Turkish] - Local File inclusion
Hacking Trust Relationships Between SIP Gateways
[Spanish] Wireless Network Security
CUDA Cracking
Novell GroupWise Untrusted Pointer Dereference Exploitation
[Hebrew] Digital Whisper Security Magazine #41
Injecting SQLite Database Based Applications
GAME ENGINES: A 0DAY’S TALE
Fuzzing: An introduction to Sulley Framework
Blackberry Z10 Research Primer - Dissecting Blackberry 10 - An Initial Analysis
Windows _Meterpreter_less Post Exploitation
[Hebrew] Digital Whisper Security Magazine #42
[Persian] Emperor Magazine #2
[Persian] Emperor Magazine #3
[Persian] Android Security and Forensic Science
[Turkish] Source Code Analysis at Web Applications - II
[Turkish] Digital Satellite Receiver & Safety
[Portuguese] Simple Weevely Guide
Injecting SQLite Database Based Applications
GAME ENGINES: A 0DAY’S TALE
Fuzzing: An introduction to Sulley Framework
Blackberry Z10 Research Primer - Dissecting Blackberry 10 - An Initial Analysis
Windows _Meterpreter_less Post Exploitation
[Hebrew] Digital Whisper Security Magazine #42
[Persian] Emperor Magazine #2
[Persian] Emperor Magazine #3
[Persian] Android Security and Forensic Science
[Turkish] Source Code Analysis at Web Applications - II
[Turkish] Digital Satellite Receiver & Safety
[Portuguese] Simple Weevely Guide
[Hebrew] Digital Whisper Security Magazine #43
Atlassian Confluence 4.3.5 - Multiple Vulnerabilities
Flash JIT – Spraying info leak gadgets
Nginx Exploit Documentation About a Generic Way to Exploit Linux Targets
[Hebrew] Digital Whisper Security Magazine #43
Atlassian Confluence 4.3.5 - Multiple Vulnerabilities
Flash JIT – Spraying info leak gadgets
Nginx Exploit Documentation About a Generic Way to Exploit Linux Targets
[Hebrew] Digital Whisper Security Magazine #44
Adventures in Automotive Networks and Control Units
[Romanian] Formatul Fisierelor PE (Portable Executable)
Win32-Rovnix Malware Report
[Spanish] Exploting Add-Ons in Mozilla Firefox
Win32-China Chopper CnC/Webshell Malware Report
Smashing the stack_ an example from 2013
Win32-Worm:VBS/Jenxcus.A Malware Report
Metasploit - The Exploit Learning Tree
[Persian] Malware Memory Forensics
[Arabic] Zaiim In Exploit Discovering
[Persian] Comprehensive OllyDBG Learning
Linux Stack Based Buffer Overflows
Linux Format String Exploitation
Linux Integer Overflow and Underflow
Linux Off By One Vulnerabilities
Return Oriented Programming (ROP FTW)
[Hebrew] Digital Whisper Security Magazine #44
Adventures in Automotive Networks and Control Units
[Romanian] Formatul Fisierelor PE (Portable Executable)
Win32-Rovnix Malware Report
[Spanish] Exploting Add-Ons in Mozilla Firefox
Win32-China Chopper CnC/Webshell Malware Report
-an-example-from-2013.pdf
Win32-Worm:VBS/Jenxcus.A Malware Report
Metasploit - The Exploit Learning Tree
[Persian] Malware Memory Forensics
[Arabic] Zaiim In Exploit Discovering
[Persian] Comprehensive OllyDBG Learning
Linux Stack Based Buffer Overflows
Linux Format String Exploitation
Linux Integer Overflow and Underflow
Linux Off By One Vulnerabilities
Return Oriented Programming (ROP FTW)
Understanding C Integer Boundaries (Overflows & Underflow)
Linux Classic Return-to-libc & Return-to-libc Chaining Tutorial
[Hebrew] Digital Whisper Security Magazine #45
WordPress 3.6 - Crafted String URL Redirect Restriction Bypass
Fuzzing & Software Vulnerabilities Part 1 - Turkish
Understanding C Integer Boundaries (Overflows & Underflow)
Linux Classic Return-to-libc & Return-to-libc Chaining Tutorial
[Hebrew] Digital Whisper Security Magazine #45
WordPress 3.6 - Crafted String URL Redirect Restriction Bypass
Fuzzing & Software Vulnerabilities Part 1 - Turkish
CloudFlare vs Incapsula (WAF) : Round 2 (PDF)
[Hebrew] Digital Whisper Security Magazine #46
[Hebrew] Digital Whisper Security Magazine #47
[Spanish] Hashcat - Hash Type Manual
[Persian] How to Buffer Overflow and Exploiting
CloudFlare vs Incapsula (WAF) : Round 2 (PDF)
[Hebrew] Digital Whisper Security Magazine #46
[Hebrew] Digital Whisper Security Magazine #47
[Spanish] Hashcat - Hash Type Manual
[Persian] How to Buffer Overflow and Exploiting
[Persian] DLL Injection & Hooking
[Georgian] DFIRCON APT Malware Analysis - Part 2
[Georgian] DFIRCON APT Malware Analysis
64-bit calc.exe Stack Overflow Root Cause Analysis
Windows rcrypt PE EXE/DDL Packer Writeup
[Persian] DLL Injection & Hooking
[Georgian] DFIRCON APT Malware Analysis - Part 2
[Georgian] DFIRCON APT Malware Analysis
64-bit calc.exe Stack Overflow Root Cause Analysis
Windows rcrypt PE EXE/DDL Packer Writeup
[Georgian] - Buffer Overflows
Control Flow Obfuscations in Malwares
[Hebrew] Digital Whisper Security Magazine #48
[Persian] Attack on LSDBs in OSPF Routing Protocol
Heap Spraying - ActiveX Controls Under Attack
[Persian] Cookies
Methodology: Security plan for wireless networks
[Turkish] RPC Zafiyetlerinin Keşfi
[Hebrew] Digital Whisper Security Magazine #49
Reversing Encrypted Callbacks and COM Interfaces
Radio-Frequency Identification Exploitation
[Georgian] - Buffer Overflows
Control Flow Obfuscations in Malwares
[Hebrew] Digital Whisper Security Magazine #48
[Persian] Attack on LSDBs in OSPF Routing Protocol
Heap Spraying - ActiveX Controls Under Attack
[Persian] Cookies
Methodology: Security plan for wireless networks
[Turkish] RPC Zafiyetlerinin Keşfi
[Hebrew] Digital Whisper Security Magazine #49
Reversing Encrypted Callbacks and COM Interfaces
Radio-Frequency Identification Exploitation
[Azerbaijan] ClamAV Bypassing
Dynamic-Link Library Hijacking
[Portuguese] Heap Spraying
[Persian] The Art Of Stealth Scanning
Uploading PHP Shell Through SQL Injection
PoC || GTFO 0x03
PoC || GTFO 0x02
PoC || GTFO 0x01
PoC || GTFO 0x00
[Azerbaijan] ClamAV Bypassing
Dynamic-Link Library Hijacking
[Portuguese] Heap Spraying
[Persian] The Art Of Stealth Scanning
Uploading PHP Shell Through SQL Injection
PoC || GTFO 0x03
PoC || GTFO 0x02
PoC || GTFO 0x01
PoC || GTFO 0x00
NetPilot/Soho Blue Router 6.1.15 - Privilege Escalation
Whatsapp Forensic/Stealer (Android) PoC Paper
Microsoft Windows Help Systems Vulnerabilities
NetPilot/Soho Blue Router 6.1.15 - Privilege Escalation
Whatsapp Forensic/Stealer (Android) PoC Paper
Microsoft Windows Help Systems Vulnerabilities
[Turkish] WAF Bypass Methods
Introduction to Android Malware Analysis
Windows Heap Overflow Exploitation
Exploitation notes on CVE-2014-0160
[Hebrew] Digital Whisper Security Magazine #50
SQL Injection in Insert_ Update and Delete Statements
TP-Link TD-W89 Config File Download / Exploiting the Host
I Know Where Your Page Lives - De-randomizing the latest Windows 10 Kernel
[Hebrew] Digital Whisper Security Magazine #51
64-bit Linux Stack Based Buffer Overflow
[Persian] Oracle SID Detection Techniques - Part 1
[Persian] Oracle SID Detection Techniques - Part 2
[Persian] Oracle SID Detection Techniques - Part 3
[Persian] Oracle SID Detection Techniques - Part 4
Searching SHODAN For Fun And Profit
Android KeyStore Stack Buffer Overflow
Hacking Blind
PoC || GTFO 0x04
[Turkish] WAF Bypass Methods
Introduction to Android Malware Analysis
Windows Heap Overflow Exploitation
Exploitation notes on CVE-2014-0160
[Hebrew] Digital Whisper Security Magazine #50
-update-and-delete-statements.pdf
TP-Link TD-W89 Config File Download / Exploiting the Host
I Know Where Your Page Lives - De-randomizing the latest Windows 10 Kernel
[Hebrew] Digital Whisper Security Magazine #51
64-bit Linux Stack Based Buffer Overflow
[Persian] Oracle SID Detection Techniques - Part 1
[Persian] Oracle SID Detection Techniques - Part 2
[Persian] Oracle SID Detection Techniques - Part 3
[Persian] Oracle SID Detection Techniques - Part 4
Searching SHODAN For Fun And Profit
Android KeyStore Stack Buffer Overflow
Hacking Blind
PoC || GTFO 0x04
The Ultimate XSS Protection Cheat Sheet for Developers
[Hebrew] Digital Whisper Security Magazine #52
[Turkish] SQLMap CSRF Bypass
[Romanian] Stack Based Buffer Overflow
Outsmarted - Why Malware Works in the Face of Antivirus Software
Breaking the Sandbox
The Ultimate XSS Protection Cheat Sheet for Developers
[Hebrew] Digital Whisper Security Magazine #52
[Turkish] SQLMap CSRF Bypass
[Romanian] Stack Based Buffer Overflow
Outsmarted - Why Malware Works in the Face of Antivirus Software
Breaking the Sandbox
Technical Information on Vulnerabilities of Hypercall Handlers
Exploiting CVE-2014-4113 on Windows 8.1
[Hebrew] Digital Whisper Security Magazine #53
[Hebrew] Digital Whisper Security Magazine #54
[Hebrew] Digital Whisper Security Magazine #55
Deep Dive into ROP Payload Analysis
[Turkish] Embedded Device Security & Zollard Botnet Analysis
PoC || GTFO 0x06
PoC || GTFO 0x05
Technical Information on Vulnerabilities of Hypercall Handlers
Exploiting CVE-2014-4113 on Windows 8.1
[Hebrew] Digital Whisper Security Magazine #53
[Hebrew] Digital Whisper Security Magazine #54
[Hebrew] Digital Whisper Security Magazine #55
Deep Dive into ROP Payload Analysis
[Turkish] Embedded Device Security & Zollard Botnet Analysis
PoC || GTFO 0x06
PoC || GTFO 0x05
[Turkish] How to Bypass SafeSEH and Stack Cookie Protection
[Hebrew] Digital Whisper Security Magazine #56
[Turkish] How to Bypass SafeSEH and Stack Cookie Protection
[Hebrew] Digital Whisper Security Magazine #56
[Albanian] Socket Learning
[Turkish] Codesys SEH Exploit Tutorial Paper
[Albanian] Socket Learning
[Turkish] Codesys SEH Exploit Tutorial Paper
[Hebrew] Digital Whisper Security Magazine #57
[Hebrew] Digital Whisper Security Magazine #59
Analysis of CVE-2014-4113 (Windows Privilege Escalation Vulnerability)
Ghost Vulnerability CVE-2015-0235 White Paper
[Hebrew] Digital Whisper Security Magazine #57
[Hebrew] Digital Whisper Security Magazine #59
Analysis of CVE-2014-4113 (Windows Privilege Escalation Vulnerability)
Ghost Vulnerability CVE-2015-0235 White Paper
[Hebrew] Digital Whisper Security Magazine #58
[Turkish] Penetration and Security Testing on Microsoft SQL Server
PoC || GTFO 0x07
[Hebrew] Digital Whisper Security Magazine #60
Developing MIPS Exploits to Hack Routers
Privilege Escalation via Client Management Software
[Hebrew] Digital Whisper Security Magazine #61
Web App Penetration Testing - Local File Inclusion (LFI)
Privilege Escalation via Client Management Software - Part II
Escaping VMware Workstation through COM1
[Turkish] Web Services Penetration Testing
PoC || GTFO 0x08
[Hebrew] Digital Whisper Security Magazine #62
[Hebrew] Digital Whisper Security Magazine #58
[Turkish] Penetration and Security Testing on Microsoft SQL Server
PoC || GTFO 0x07
[Hebrew] Digital Whisper Security Magazine #60
Developing MIPS Exploits to Hack Routers
Privilege Escalation via Client Management Software
[Hebrew] Digital Whisper Security Magazine #61
Web App Penetration Testing - Local File Inclusion (LFI)
Privilege Escalation via Client Management Software - Part II
Escaping VMware Workstation through COM1
[Turkish] Web Services Penetration Testing
PoC || GTFO 0x08
[Hebrew] Digital Whisper Security Magazine #62
BIGINT Overflow Error Based SQL Injection
MySQL Error Based SQL Injection Using EXP
How to HeapSpray and Exploit Memory Corruption in IIS6
[Persian] Cracking WPA/WPA2 with Rainbow Table
[Persian] Pyrit Cluster with Kali Linux
Compromising ISP Issued 802.11 Wireless Cable Modem Networks for Profit
[Hebrew] Digital Whisper Security Magazine #63
[Hebrew] Digital Whisper Security Magazine #64
Shoot zend_executor_globals to bypass php disable_functions
Evading All Web-Application Firewalls XSS Filters
Microsoft .NET MVC - ReDoS (Denial of Service) Vulnerability (MS15-101)
Abusing Windows Opener To Bypass CSRF Protection
[Persian] Jailbreak Payloads From Star to TaiG
BIGINT Overflow Error Based SQL Injection
MySQL Error Based SQL Injection Using EXP
How to HeapSpray and Exploit Memory Corruption in IIS6
[Persian] Cracking WPA/WPA2 with Rainbow Table
[Persian] Pyrit Cluster with Kali Linux
Compromising ISP Issued 802.11 Wireless Cable Modem Networks for Profit
[Hebrew] Digital Whisper Security Magazine #63
[Hebrew] Digital Whisper Security Magazine #64
Shoot zend_executor_globals to bypass php disable_functions
Evading All Web-Application Firewalls XSS Filters
Microsoft .NET MVC - ReDoS (Denial of Service) Vulnerability (MS15-101)
Abusing Windows Opener To Bypass CSRF Protection
[Persian] Jailbreak Payloads From Star to TaiG
[Hebrew] Digital Whisper Security Magazine #65
[Portuguese] Using Printer Layout as a Vector for Malicious Code Insertion
[Persian] How Yalu Works
Writing Cisco IOS Rootkits
New Methods in Automated XSS Detection
Win32_bind Shellcode Review
[Portuguese] Ataques Avançados contra CPL (Control Panel Applets)
[Hebrew] Digital Whisper Security Magazine #67
[Hebrew] Digital Whisper Security Magazine #66
[Turkish] Beurk Rootkit Password Cracking and Injection (Gizliligin Anatomisi)
[Persian] Change Powershell Command Line Job
[Persian] Advanced NTFS Alternate Data Stream in Windows 8 and 10
[Persian] Image File Execution
[Persian] Windows Hacking And Security Only in Physical Access
[Persian] Exposing the WiFi Password Using C and PowerShell
[Persian] Bypass PowerShell Execution Policy
[Portuguese] Introdução a exploração de Structured Excpetion Handlers
[Turkish] Back To BackDoor
Bypassing McAfee’s Application Whitelisting for Critical Infrastructure Systems
[Hebrew] Digital Whisper Security Magazine #65
[Portuguese] Using Printer Layout as a Vector for Malicious Code Insertion
[Persian] How Yalu Works
Writing Cisco IOS Rootkits
New Methods in Automated XSS Detection
Win32_bind Shellcode Review
[Portuguese] Ataques Avancados contra CPL (Control Panel Applets)
[Hebrew] Digital Whisper Security Magazine #67
[Hebrew] Digital Whisper Security Magazine #66
[Turkish] Beurk Rootkit Password Cracking and Injection (Gizliligin Anatomisi)
[Persian] Change Powershell Command Line Job
[Persian] Advanced NTFS Alternate Data Stream in Windows 8 and 10
[Persian] Image File Execution
[Persian] Windows Hacking And Security Only in Physical Access
[Persian] Exposing the WiFi Password Using C and PowerShell
[Persian] Bypass PowerShell Execution Policy
[Portuguese] Introdução a exploração de Structured Excpetion Handlers
[Turkish] Back To BackDoor
Bypassing McAfee’s Application Whitelisting for Critical Infrastructure Systems
[Spanish] Bypass a lista blanca de McAfee Appication Control
[Spanish] Windows Heap Overflow Exploitation - Exploiting a Custom Heap Under Windows 7
[Hebrew] Digital Whisper Security Magazine #69
The Most Forgotten Web Vulnerabilities
NDI5aster - Privilege Escalation through NDIS 5.x Filter Intermediate Drivers
[Hebrew] Digital Whisper Security Magazine #70
Metaphor - A (real) real-­life Stagefright exploit
Exploiting Buffer Overflows on MIPS Architecture
Windows Kernel Exploitation 101: Exploiting CVE-2014-4113
[Persian] XML Injection
Avactis PHP Shopping Cart - Multiple Vulnerabilities
Phorum 5.2.20 - Multiple Vulnerabilities
[Turkish] Privilege Escalation Vectors On Windows Systems
[Persian] Ollydbg Tutorial v 1.10
[Hebrew] Digital Whisper Security Magazine #71
[Hebrew] Digital Whisper Security Magazine #72
[Hebrew] Digital Whisper Security Magazine #73
Exploiting Apache James Server 2.3.2
Novel contributions to the field - How I broke MySQL's codebase
Cryptshare 3.10.1.2 - Stored XSS
[Hebrew] Digital Whisper Security Magazine #74
[Turkish] Drupal Coder Vulnerability Analysis & MSF Module Dev
Hunting HTML 5 postMessage Vulnerabilities
[Hebrew] Digital Whisper Security Magazine #75
[Hebrew] Digital Whisper Security Magazine #76
[Turkish] Wireshark - Important Tips
[Turkish] Detailed Cross-Site Scripting Paper
[Turkish] Web Security Vulnerabilities - Web Güvenlik Açıkları
Tuleap 8.18 - SQL Injection & Cross-Site Scripting Vulnerability Analysis
PoC || GTFO 0x09
PoC || GTFO 0x10
PoC || GTFO 0x11
PoC || GTFO 0x12
PoC || GTFO 0x13
[Hebrew] Digital Whisper Security Magazine #77
[Spanish] Bypass a lista blanca de McAfee Appication Control
[Spanish] Windows Heap Overflow Exploitation - Exploiting a Custom Heap Under Windows 7
[Hebrew] Digital Whisper Security Magazine #69
The Most Forgotten Web Vulnerabilities
NDI5aster - Privilege Escalation through NDIS 5.x Filter Intermediate Drivers
[Hebrew] Digital Whisper Security Magazine #70
Metaphor - A (real) real-­life Stagefright exploit
Exploiting Buffer Overflows on MIPS Architecture
Windows Kernel Exploitation 101: Exploiting CVE-2014-4113
[Persian] XML Injection
Avactis PHP Shopping Cart - Multiple Vulnerabilities
Phorum 5.2.20 - Multiple Vulnerabilities
[Turkish] Privilege Escalation Vectors On Windows Systems
[Persian] Ollydbg Tutorial v 1.10
[Hebrew] Digital Whisper Security Magazine #71
[Hebrew] Digital Whisper Security Magazine #72
[Hebrew] Digital Whisper Security Magazine #73
Exploiting Apache James Server 2.3.2
Novel contributions to the field - How I broke MySQL's codebase
Cryptshare 3.10.1.2 - Stored XSS
[Hebrew] Digital Whisper Security Magazine #74
[Turkish] Drupal Coder Vulnerability Analysis & MSF Module Dev
Hunting HTML 5 postMessage Vulnerabilities
[Hebrew] Digital Whisper Security Magazine #75
[Hebrew] Digital Whisper Security Magazine #76
[Turkish] Wireshark - Important Tips
[Turkish] Detailed Cross-Site Scripting Paper
[Turkish] Web Security Vulnerabilities - Web Güvenlik Açıkları
Tuleap 8.18 - SQL Injection & Cross-Site Scripting Vulnerability Analysis
PoC || GTFO 0x09
PoC || GTFO 0x10
PoC || GTFO 0x11
PoC || GTFO 0x12
PoC || GTFO 0x13
[Hebrew] Digital Whisper Security Magazine #77
[Hebrew] Digital Whisper Security Magazine #78
Teaching an Old Dog (not that new) Tricks. Stego in TCP/IP made easy (part-1)
Pozzo & Lucky_ The phantom Shell. Stego in TCP/IP (part-2)
Art of Anti Detection - Introduction To AV & Detection Techniques
[Hebrew] Digital Whisper Security Magazine #79
[Hebrew] Digital Whisper Security Magazine #78
Teaching an Old Dog (not that new) Tricks. Stego in TCP/IP made easy (part-1)
-the-phantom-shell.-stego-in-tcpip-(part-2).pdf
Art of Anti Detection - Introduction To AV & Detection Techniques
[Hebrew] Digital Whisper Security Magazine #79
Art of Anti Detection - PE Backdoor Manufacturing
MySQL Out-of-Band Hacking
Alternative for Information_Schema.Tables in MySQL
MySQL Injection in Update_ Insert_ and Delete
Exploiting Node.js deserialization bug for Remote Code Execution
RSA Asymmetric Polymorphic Shellcode
Attacking RDP - How to Eavesdrop on Poorly Secured RDP Connections
Art of Anti Detection - Shellcode Alchemy
PoC || GTFO 0x14
Art of Anti Detection - PE Backdoor Manufacturing
MySQL Out-of-Band Hacking
Alternative for Information_Schema.Tables in MySQL
-insert
Exploiting Node.js deserialization bug for Remote Code Execution
RSA Asymmetric Polymorphic Shellcode
Attacking RDP - How to Eavesdrop on Poorly Secured RDP Connections
Art of Anti Detection - Shellcode Alchemy
PoC || GTFO 0x14
How to Exploit ETERNALBLUE and DOUBLEPULSAR on Windows 7/2008
[Spanish] How to Exploit ETERNALBLUE and DOUBLEPULSAR on Windows 7/2008
How to Exploit ETERNALBLUE and DOUBLEPULSAR on Windows 7/2008
[Spanish] How to Exploit ETERNALBLUE and DOUBLEPULSAR on Windows 7/2008
nt!_SEP_TOKEN_PRIVILEGES - Single Write EoP Protect
Local File Disclosure using SQL Injection
BluedIoT: When a mature and immature technology mixes_ becomes an “idiot” situation
Stealing Windows Credentials Using Google Chrome
Introduction to Manual Backdooring
[Turkish] Mobile Penetration Testing
[Hebrew] Digital Whisper Security Magazine #82
[Hebrew] Digital Whisper Security Magazine #83
[Hebrew] Digital Whisper Security Magazine #85
Of Mice and Keyboards - On the Security of Modern Wireless Desktop Sets
[Turkish] Exploit Shellcode Development
[Arabic] Web Application Penetration Testing Techniques
[Italian] How to write Fully Undetectable malware
[Turkish] Blind SQL Injection Attacks
How to Write Fully Undetectable Malware - English Translation
[Persian] Xpath Injection
How to Exploit ETERNALBLUE on Windows Server 2012 R2
[Spanish] How to Exploit ETERNALBLUE on Windows Server 2012 R2
[French] SYN FLOOD ATTACK for IP CISCO Phone
Hidden Network: Detecting Hidden Networks created with USB Devices
How to exploit ETERNALROMANCE/SYNERGY on Windows Server 2016
[Hebrew] Digital Whisper Security Magazine #84
DirtyTooth: Extracting VCARD data from Bluetooth iOS profiles
nt!_SEP_TOKEN_PRIVILEGES - Single Write EoP Protect
Local File Disclosure using SQL Injection
-becomes-an-idiot-situation.pdf
Stealing Windows Credentials Using Google Chrome
Introduction to Manual Backdooring
[Turkish] Mobile Penetration Testing
[Hebrew] Digital Whisper Security Magazine #82
[Hebrew] Digital Whisper Security Magazine #83
[Hebrew] Digital Whisper Security Magazine #85
Of Mice and Keyboards - On the Security of Modern Wireless Desktop Sets
[Turkish] Exploit Shellcode Development
[Arabic] Web Application Penetration Testing Techniques
[Italian] How to write Fully Undetectable malware
[Turkish] Blind SQL Injection Attacks
How to Write Fully Undetectable Malware - English Translation
[Persian] Xpath Injection
How to Exploit ETERNALBLUE on Windows Server 2012 R2
[Spanish] How to Exploit ETERNALBLUE on Windows Server 2012 R2
[French] SYN FLOOD ATTACK for IP CISCO Phone
Hidden Network: Detecting Hidden Networks created with USB Devices
How to exploit ETERNALROMANCE/SYNERGY on Windows Server 2016
[Hebrew] Digital Whisper Security Magazine #84
DirtyTooth: Extracting VCARD data from Bluetooth iOS profiles
[Turkish] Offensive and Defensive PowerShell
Command Injection - Shell Injection
Code Injection – HTML Injection
[Hebrew] Digital Whisper Security Magazine #86
[Turkish] Windows and Linux Privilege Escalation
Kernel Driver mmap Handler Exploitation
[Turkish] Offensive and Defensive PowerShell
Command Injection - Shell Injection
Code Injection – HTML Injection
[Hebrew] Digital Whisper Security Magazine #86
[Turkish] Windows and Linux Privilege Escalation
Kernel Driver mmap Handler Exploitation
PoC || GTFO 0x15
HITB Magazine - Volume 1_ Issue 1
HITB Magazine - Volume 1_ Issue 2
HITB Magazine - Volume 1_ Issue 3
HITB Magazine - Volume 1_ Issue 4
PoC || GTFO 0x15
-issue-1.pdf
-issue-2.pdf
-issue-3.pdf
-issue-4.pdf
[eZine] i sh0t the white hat 1
[eZine] i sh0t the white hat 2
[eZine] i sh0t the white hat 3
[Hebrew] Digital Whisper Security Magazine #87
[Persian] Hacksys Extreme Vulnerable Windows Driver analysis Part 1
PoC || GTFO 0x16
[Hebrew] Digital Whisper Security Magazine #88
Reversing and Exploiting IoT devices
[Hebrew] Digital Whisper Security Magazine #89
[Spanish] [eZine] i sh0t the white hat 1
[eZine] i sh0t the white hat 2
[Spanish] [eZine] i sh0t the white hat 3
[Hebrew] Digital Whisper Security Magazine #87
[Persian] Hacksys Extreme Vulnerable Windows Driver analysis Part 1
PoC || GTFO 0x16
[Hebrew] Digital Whisper Security Magazine #88
Reversing and Exploiting IoT devices
[Hebrew] Digital Whisper Security Magazine #89