Ethical Hacking (10)

Intercepting keystrokes

Hooking Key Events

There are different ways to catch the keys as they are being typed, but one of the most efficient is to monitor system events for key events. This is done with a hook, which forces Windows to call your own functions when a certain type of event happens.

First, let's see how you can set a hook to catch keyboard events, with SetWindowsHookEx(): Read more..

Your rating: None Average: 4.6 (7 votes)


In HITBSecConf2009 Vipin Kumar (Founder nvLabs.in) demonstrated how easily Windows 7 can be attacked via boot sectors using Vbootkit 2.0. 

He demonstrated
Read more..
Your rating: None Average: 3.7 (7 votes)

Required Tools:

Introduction

This tutorial includes all the code you'll need to carry out these exercises.Read more..

Your rating: None Average: 4 (3 votes)


• Security testing methodologies
• The Ethical Hacking Profession
• Passive Intelligence Gathering – 2007 Version
• Network Sweeps
• Stealthily Network Recon
• Passive traffic identification
• Identifying system vulnerabilities
• Abusing Domain Name System (DNS)
• Abusing Simple Network Management Protocol
(SNMP)

• Introduction to Remote Exploits
• Engineering remote exploits
• Running shellcode in RAM vs. on disk
• Heap Buffer Overflows
• Compromising Windows 2003 Server Systems
• Compromising Solaris Unix and Linux Systems
• Attacking RDP (Remote Desktop Protocol) in
Windows XP, 2003 & Vista
• Windows password weaknesses & Rainbow Tables
• Unix password weaknesses
• Attacking Cisco’s IOS password weaknessesRead more..

Your rating: None Average: 3 (2 votes)

For this "tutorial" we will use a real program called PDF2Word.
I stumbled upon this program when trying to convert a pdf document to a word document (duh..).

The funny thing about this program is that it costs $39.95 and that it is released under the GPL.

Let's start shall we?

1: Obtain a copy of the program at http://www.verypdf.com/pdf2word/index.html
We will use version 2.6 in this tutorial.Read more..

Your rating: None Average: 2 (1 vote)



WarVOX is a suite of tools for exploring, classifying, and auditing telephone systems. Unlike normal wardialing tools, WarVOX works with the actual audio from each call and does not use a modem directly. This model allows WarVOX to find and classify a wide range of interesting lines, including modems, faxes, voice mail boxes, PBXs, loops, dial tones, IVRs, and forwarders. WarVOX provides the unique ability to classify all telephone lines in a given range, not just those connected to modems, allowing for a comprehensive audit of a telephone system.

WarVOX requires no telephony hardware and is massively scalable by leveraging Internet-based VoIP providers. A single instance of WarVOX on a residential broadband connection, with a typical VoIP account, can scan over 1,000 numbers per hour. The speed of WarVOX is limited only by downstream bandwidth and the limitations of the VoIP service. Using two providers with over 40 concurrent lines we have been able to scan entire 10,000 number prefixes within 3 hours. Read more..

Your rating: None Average: 4.3 (7 votes)

Search

Loading

Sponsered links

Bookmark Us!

Share/Save

Page Rank

Quotes

We would accomplish many more things if we did not think of them as impossible.
— Sajeev

Explore Tags

Follow Us