{ Category Archives } Security

PlainText Passwords at HMV

Today I received a mail from HMV telling me that my two-year-old points were going to expire, and that’s how I decided to log in to the website and spend them. Unfortunately I did not remember my password and clicked directly on the “password reminder” button. A few minutes later, I received an e-mail […]

Learn Software Exploitation

For a few years I have seen many questions on forums pretty similar to this one: “how to learn hacking?”, and usually the answer is “you have to try”. Usually the answers are not very helpful, nor do they redirect new ethical hackers to good resources. To answer that question myself, I would begin with […]

Flaws in The USA

Lately, I was traveling across the United States. I went from Miami to the Big Apple, stopping here and there when there was something to visit. Anyway, during the trip I saw a fair number of security issues that are well known; I thought they would all be fixed by now, but nope! So […]

Password Leaks and Password Managers

These last months have been very busy with password leaks: LinkedIn, Last FM, Yahoo, Le Figaro, PhAndroid, and finally, today, I received an e-mail from Nvidia. After the Sony PS3 Network leak, I thought that I should use a secure password manager online, first because I ran out of passwords, then because I couldn’t memorize […]

OS X Version of LDD

If you need to use the ldd command on OS X you will face an error.

However, there is a “similar” command called otool on OS X that you can use:

For those who have never used it, the ldd command is used to show the dynamic libraries an executable is linked to, […]

Digital Forensic Examination 101 — Part 1

Digital Forensic Examination, also known as Forensic Science, is used to recover digital data. This science is often used to find evidence on computers, USB keys, and mobiles, but forensic examination can also be used to recover data after a computer crash. This tutorial will try to help you understand the basics of forensic examination […]

[Review] Social Engineering: The Art of Human Hacking

I have read “Social Engineering: The Art of Human Hacking” twice lately, the first time to get an overview of the book, and the second time to improve the techniques I tried to apply after my first reading. My first reading was fast; I wanted to know what techniques Christopher Hadnagy (the author) […]

Basic Shellcode Analysis

Analyzing shellcode is always instructive: it can give the penetration tester hints about what is used in it, or the penetration tester can learn about the techniques used, and he might also keep himself from using destructive shellcode. After a few searches on the Internet I found a pastebin page to illustrate my example. […]

SSH known host on OSX

To manage my multiple machines and test computers on my local network I use SSH, and often, after reinstalling a test machine, I want to connect back by SSH and my Mac just pops this message back at me:

I usually find this message quite annoying, but I know the commands to avoid this problem, […]

Installing Gerix on Ubuntu from Backtrack’s repository

GerixWiFiCracker is a GUI for the Aircrack-ng suite, designed for real-world pentesting with an efficient and user-friendly graphical interface. Note: This small tutorial is based on the repositories from BackTrack 5 R1, Ubuntu 11.10 and Ubuntu 12.04. The first step is to add those lines to “/etc/apt/sources.list”:

Once those lines are added to the […]
