Section: .. / papers / general /
| /// File Name: |
binfmt-en.pdf |
Description:
|
Polluting sys_execve() in kernel space without depending on the sys_call_table[]: A paper discussing design weaknesses in the linux kernel's handling of simply linked lists used to register binary formats. English version.
| | Author: | SHELLCODE Security Research TEAM | | Homepage: | http://www.shellcode.com.ar | | File Size: | 387120 | | Last Modified: | Oct 9 19:47:50 2006 |
| MD5 Checksum: | cbc9e056a14996a9afd144bb757b9ce5 |
|
| /// File Name: |
A_Modular_Approach_to_Data_Validati..> |
Description:
|
This paper presents a modular approach to performing thorough data validation in modern web applications so that the benefits of modular component based design; extensibility, portability and re-use can be released. The paper begins with an explanation of the vulnerabilities introduced through poor validation and then goes on to discuss the merits of a number of common data validation methodologies. A modular approach is introduced together with practical examples of how to implement such a scheme in a web application. It also provides information on common attack vectors, principles of validation, a modular solution and implementation of that solution.
| | Author: | Stephen de Vries | | Homepage: | http://www.corsaire.com/ | | File Size: | 382808 | | Last Modified: | Apr 12 14:59:25 2006 |
| MD5 Checksum: | a0b2f3ac1b5d56c1eb5b580c14a11f16 |
|
| /// File Name: |
UBehavior.zip |
Description:
|
Whitepaper discussing the exploitation of uninitialized data.
| | Author: | mercy | | Homepage: | http://www.felinemenace.org/ | | File Size: | 372833 | | Last Modified: | Jan 4 00:17:44 2006 |
| MD5 Checksum: | d247ac8afbe9033ebea4e8d93a16806b |
|
| /// File Name: |
SecureDevelopmentv06.pdf |
Description:
|
Corsaire White Paper: Secure Development Framework. This paper addresses the need for an infrastructure to exist in which things are securely developed to help mitigate the high costs incurred when vulnerable software is released into the wild.
| | Author: | Glyn Geoghegan | | Homepage: | http://www.corsaire.com | | File Size: | 343216 | | Last Modified: | May 19 21:19:44 2004 |
| MD5 Checksum: | 7155cf428ccb06b0b9b83af4dbfd755f |
|
| /// File Name: |
Security_Breach_Survey.pdf |
Description:
|
White and Case, a top NYC law firm, posted a survey on Data Security Breach Notifications on September 26, 2005. From the press release: "Victims of personal data security breaches are showing their displeasure by terminating relationships with the companies that maintained their data, according to a new national survey sponsored by global law firm White & Case. The independent survey of nearly 10,000 adults, conducted by the respected privacy research organization Ponemon Institute, reveals that nearly 20 percent of respondents say they have terminated a relationship with a company after being notified of a security breach."
| | Author: | Ponemon Institute | | Homepage: | http://www.whitecase.com/news/news_detail.aspx?newsid=11731&type=News%20Releases | | File Size: | 330889 | | Last Modified: | Oct 4 00:14:13 2005 |
| MD5 Checksum: | 57fc4866bcbc56b61a9f66cfed7993e4 |
|
| /// File Name: |
banking-flaws.pdf |
Description:
|
Whitepaper entitled Internet Banking Flaws In India.
| | Author: | webDEViL | | File Size: | 312348 | | Last Modified: | Nov 4 00:46:42 2008 |
| MD5 Checksum: | 4f9d8bbb8f81dae1a06b4b258f70a18e |
|
| /// File Name: |
tools.ps |
Description:
|
Automated Tools for Testing Computer System Vulnerability: Discusses some of the automated tools for checking the security of a wide variety of systems
| | File Size: | 309577 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 5375d8a3754042a2e917bff30f5c3cdf |
|
| /// File Name: |
vdwgreport.pdf |
Description:
|
The US Department of Homeland Security's "Vulnerability Disclosure Framework" document.
| | Homepage: | http://www.dhs.gov/ | | File Size: | 307070 | | Last Modified: | Jan 13 17:07:56 2007 |
| MD5 Checksum: | 6bdc9752e2b650847982d521426669e4 |
|
| /// File Name: |
Implementing_And_Detecting_A_PCI_Ro..> |
Description:
|
Whitepaper entitled "Implementing and Detecting a PCI Rootkit". This paper discusses means of persisting a rootkit on a PCI device containing a flashable expansion ROM.
| | Author: | John Heasman | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 304132 | | Last Modified: | Nov 17 20:47:39 2006 |
| MD5 Checksum: | 7084bf1c02b55654aea3de77ef71ed9b |
|
| /// File Name: |
part1.ps |
Description:
|
An Introduction to Computer Security: The NIST Handbook: A publication of the US National Institute of Standards and Technology. Draft Copy. Part I.
| | File Size: | 299544 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 1ac8317ffc950b0d26413f24356b10f6 |
|
| /// File Name: |
whitepaper_httpresponse.pdf |
Description:
|
Divide and Conquer - HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics. This whitepaper discusses a new application attack technique and provides use cases.
| | Author: | Amit Klein | | File Size: | 297302 | | Last Modified: | Mar 4 18:07:00 2004 |
| MD5 Checksum: | a88cdaabfffc1297b09a899e0cadf9c1 |
|
| /// File Name: |
primer.ps |
Description:
|
Coping with the Threat of Computer Security Incidents: A Primer from Prevention through Recovery: A basic text for the author's one-day seminar on the practical aspects of computer security in an unclassified networked environment
| | File Size: | 293589 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 3af8eee428825555e4211dd6874cb192 |
|
| /// File Name: |
estcsirc.ps |
Description:
|
Establishing a Computer Security Incident Response Capability: Procedures and issues for establishing a computer security incident response team
| | File Size: | 292992 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 82e372f26332e3e0945c8805f2ad381c |
|
| /// File Name: |
enterprise_specific_security.sxw.pd..> |
Description:
|
White-paper that discusses how large enterprises use a different class of software than small companies. This software and the environment it is purchased in is subject to particular constraints that often require a different strategy. This paper presents the problems with concrete and current examples and suggests some solutions.
| | Author: | Dave Aitel | | Homepage: | http://www.immunitysec.com/ | | File Size: | 292287 | | Last Modified: | Apr 2 05:54:00 2004 |
| MD5 Checksum: | f08fdd20ce1f278a7a74b4d4494b495b |
|
| /// File Name: |
tempest.pdf |
Description:
|
The story regarding how the United States first learned about the fundamental security vulnerability called "compromising emanations" is revealed for the first time in this 1972 paper called TEMPEST: A Signal Problem.
| | Homepage: | http://www.nsa.gov/ | | File Size: | 284750 | | Last Modified: | Apr 29 21:06:17 2008 |
| MD5 Checksum: | 6930f3cfa80a029f63102875a3947dcc |
|
| /// File Name: |
OSFingerPrint.pdf |
Description:
|
Chatter on the Wire: A look at excessive network traffic and what it can mean to network security. This paper takes a look at past Active and Passive OS Fingerprinting tools and where to go with them in the future. It is primarily geared towards how to use passive OS identification to its greatest potential using every packet that flows across the network, not just tcp packets.
| | Author: | Eric Kollman aka xnih | | Homepage: | http://myweb.cableone.net/xnih | | File Size: | 271704 | | Last Modified: | Aug 9 04:57:09 2005 |
| MD5 Checksum: | 828d73dffef771e060631997bc7e87a4 |
|
| /// File Name: |
hacking-dict.html |
Description:
|
This document clarifies many of the terms used within the context of information security (infosec). Version 0.1.2, last updated January 25, 2000.
| | Author: | Robert Graham | | File Size: | 267058 | | Last Modified: | Jan 25 20:50:33 2000 |
| MD5 Checksum: | 0f7e76f383a4bb54cf1dd4f9495b2dd9 |
|
| /// File Name: |
browser_insecurity_iceberg_2008.pdf |
Description:
|
Understanding the Web browser threat: Examination of vulnerable online Web browser populations and the "insecurity iceberg".
| | Author: | Stefan Frei,Thomas Duebendorfer,Gunter Ollmann,Martin May | | File Size: | 265522 | | Last Modified: | Jul 1 12:37:48 2008 |
| MD5 Checksum: | af684f84277d52eb31988b9ac44515b2 |
|
| /// File Name: |
part5.ps |
Description:
|
An Introduction to Computer Security: The NIST Handbook: A publication of the US National Institute of Standards and Technology. Draft Copy. Part V.
| | File Size: | 260520 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | 38f97e1f7cd3e561f1bb541899da17ae |
|
| /// File Name: |
handbook.txt |
Description:
|
Site Security Handbook - RFC 1244: The product of the Site Security Policy Handbook Working Group of the Internet Engineering Task Force
| | File Size: | 253471 | | Last Modified: | Oct 1 17:22:48 1999 |
| MD5 Checksum: | b2408d2354d2ddbcdc5f0339fee5eaa8 |
|
| /// File Name: |
report.pdf |
Description:
|
Whitepaper discussing how DNS can be used for detecting and monitoring in a network.
| | Author: | Antoine Schonewille,Dirk-Jan van Helmond | | File Size: | 244923 | | Last Modified: | Feb 25 20:34:33 2006 |
| MD5 Checksum: | 741418521669132f0fd03db71e85f5c9 |
|
| /// File Name: |
vote.pdf |
Description:
|
Analysis of an Electronic Voting System - This paper describes several security flaws in Diebold electronic voting machines. Voters may be able to cast multiple ballots with little built in traceability, administrative functions can be performed by regular voters, and inside poll workers, software developers, and janitors can rig the vote. The smart card system is insecure and uses plaintext passwords. The code appears unaudited and there is no ability to do a paper recount.
| | Author: | Adam Stubblefield,Tadayoshi Kohno,Dan S. Wallach,Aviel D. Rubin | | File Size: | 244831 | | Last Modified: | Oct 31 14:21:22 2003 |
| MD5 Checksum: | 3b6981806063c69b646d789f3f009136 |
|
| /// File Name: |
ewdd.pdf |
Description:
|
Exploiting Windows Device Drivers - this paper introduces device driver exploitation techniques, provides detailed descriptions of techniques used and includes full exploit code with sample vulnerable driver code for testing purposes.
| | Author: | Piotr Bania | | Homepage: | http://pb.specialised.info/ | | File Size: | 232971 | | Last Modified: | Oct 18 19:40:44 2005 |
| MD5 Checksum: | c5eaa08dfb7ca0000e1705388a72e1a3 |
|
| /// File Name: |
Software.Distribution.Malware.Infec..> |
Description:
|
This paper presents an efficient mechanism as well as the corresponding reference implementation for on-the-fly infecting of executable code with malicious software. Their algorithm deploys virus infection routines and network redirection attacks, without requiring the modification of the application itself. This allows infection of executables with an embedded signature when the signature is not automatically verified before execution. They briefly discuss countermeasures such as secure channels, code authentication as well as trusted virtualization that enables the isolation of untrusted downloads from other applications running in trusted domains or compartments.
| | Author: | Felix Groebert | | Homepage: | http://groebert.org/felix | | File Size: | 223713 | | Last Modified: | Jul 18 17:30:01 2008 |
| MD5 Checksum: | f0295501b1659600e2481f6a2cb082cb |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
