thegreycorner.com
The Grey Corner: Python gdb Disassembly Extension 1.20
http://www.thegreycorner.com/2014/05/python-gdb-disassembly-extension-120.html
A blog focused on the related subjects of software exploitation, penetration testing and computer incident detection and response. Sunday, May 4, 2014. Python gdb Disassembly Extension 1.20. Ive released version 1.20 of my Python gdb Debugging Extensions, which I have now renamed to pygdbdis. The introductory page for the extensions is here. If you want to refresh your memory on what it does. Heres a screenshot of what the fifodisplay output looks like using iTerm2 on OSX. In the top left pane is the...
thegreycorner.com
The Grey Corner: May 2014
http://www.thegreycorner.com/2014_05_01_archive.html
A blog focused on the related subjects of software exploitation, penetration testing and computer incident detection and response. Sunday, May 4, 2014. Python gdb Disassembly Extension 1.20. Ive released version 1.20 of my Python gdb Debugging Extensions, which I have now renamed to pygdbdis. The introductory page for the extensions is here. If you want to refresh your memory on what it does. Heres a screenshot of what the fifodisplay output looks like using iTerm2 on OSX. In the top left pane is the...
thegreycorner.com
The Grey Corner: Omlette Egghunter Shellcode
http://www.thegreycorner.com/2013/10/omlette-egghunter-shellcode.html
A blog focused on the related subjects of software exploitation, penetration testing and computer incident detection and response. Thursday, October 31, 2013. When I first heard about omlette egghunter shellcode. I was pretty keen to give it a try, but did not have the opportunity until after I heard that under some unknown circumstances it "doesn't work" (see the note here. Omlette shellcode is essentially a variation on egghunter shellcode. As previously discussed on this blog. Like Matt Millers origin...
thegreycorner.com
The Grey Corner: October 2011
http://www.thegreycorner.com/2011_10_01_archive.html
A blog focused on the related subjects of software exploitation, penetration testing and computer incident detection and response. Thursday, October 20, 2011. Egghunter based exploit for Vulnserver. A link to the most recent entry in the Vulnserver series is provided below. Its at the InfoSec Institute site once more. Hopefully the next part in the series will be coming up soon, keep watching this space. Posted by Stephen Bradshaw. Links to this post. Stack based buffer overflow. View my complete profile.
thegreycorner.com
The Grey Corner: June 2011
http://www.thegreycorner.com/2011_06_01_archive.html
A blog focused on the related subjects of software exploitation, penetration testing and computer incident detection and response. Saturday, June 25, 2011. SEH Based Buffer Overflow Tutorial for Vulnserver. I wrote this tutorial on exploiting an SEH based vulnerability in Vulnserver a while back and am just getting around to posting a link for it here now that some formatting issues have been sorted. Its at the InfoSec Institute site once more. Posted by Stephen Bradshaw. Links to this post. SpiderLabs B...
thegreycorner.com
The Grey Corner: February 2013
http://www.thegreycorner.com/2013_02_01_archive.html
A blog focused on the related subjects of software exploitation, penetration testing and computer incident detection and response. Saturday, February 16, 2013. It's official. My own entry. In the Hackers Database. What is the Hackers Database? What is the main goal of the Hacker Database? Known as the HDB). Posted by Stephen Bradshaw. Links to this post. Subscribe to: Posts (Atom). View my complete profile. Five Attributes of an Effective Corporate Red Team. A Shadow of our Former Self. Industry Report: ...
thegreycorner.com
The Grey Corner: September 2012
http://www.thegreycorner.com/2012_09_01_archive.html
A blog focused on the related subjects of software exploitation, penetration testing and computer incident detection and response. Saturday, September 1, 2012. Article in Pentest Magazine - Building a pentest system using Ubuntu. Ive got an article in the latest edition of Pentest Magazine about setting up a pentesting system using Ubuntu Linux. This covers the actual process I use at work when setting up a pentesting box. Read more about this issue here. Posted by Stephen Bradshaw. Links to this post.
thegreycorner.com
The Grey Corner: SSLTest
http://www.thegreycorner.com/p/ssltest.html
A blog focused on the related subjects of software exploitation, penetration testing and computer incident detection and response. SSLTest is a command line tool used to test SSL based servers to determine the SSL ciphers and protocols they support. These types of tests are commonly performed during penetration tests and compliance reviews (DSD ISM, PCI-DSS) that include a SSL server in scope. What can it do? What should I know before using it? Things you should be aware of when using the tool:. The tool...
thegreycorner.com
The Grey Corner: Version 0.5 of SSL Testing Tool ssltest.pl
http://www.thegreycorner.com/2015/03/version-05-of-ssl-testing-tool-ssltestpl.html
A blog focused on the related subjects of software exploitation, penetration testing and computer incident detection and response. Monday, March 16, 2015. Version 0.5 of SSL Testing Tool ssltest.pl. Added support for scanning versions 1.1. and 1.2 of TLS. Updated cipher list for the newer versions of OpenSSL. The new list is quite a bit bigger than that of the previous version, but specific support depends on your underlying OpenSSL library. Chris Mahns, from whom I. Borrowed the initial codebase and ide...
gunwantsingh.blogspot.com
Gunwant Singh: June 2008
http://gunwantsingh.blogspot.com/2008_06_01_archive.html
There are no secrets better kept than the secrets that everybody guesses. George Bernard Shaw. Jun 23, 2008. Welcome to my blog spot. This is the first time I am on blog spot. I will add posts on application security, network security and other topics of information security. I am building this up as I get time. Please bear with me. Subscribe to: Posts (Atom). Gunwant dot s at gmail dot com. Using JIRA to manage RISKS - v1.0 - OWASP AppSec EU - June 2016. Read My Lips: Let’s Kill 0Day. It's been a while.
