Assembly – Loops and Conditionals

Course notes from Vivek Ramachandran’s online class “x86/64 Assembly and Shellcoding on Linux” Loops In Assembly there is a keyword command called “loops,” which iterates over a function/block, decrementing a counter each time, and this repeats until the counter reaches 0. It is important to remember that the counter is stored in ECX/RCX – this is where the loop ... »

Assembly – Relating to the Stack

Course notes from Vivek Ramachandran’s online class “x86/64 Assembly and Shellcoding on Linux” The stack can be visualized as a stack of memory objects.  As items are added to the stack, they go on top, and when items are removed, the most recently added one comes off first.  In other words, a stack is based on Last In, First Out. RSP is a pointer that points to the top of t... »

Assembly – Data Segment

While going through Vivek Ramachandran’s course on 64-bit Assembly Language on Linux, I came across a lecture of his where he introduces an ASM keyword called “ds.”  Here’s his example: The highlighted line in the gdb (GNU Debugger) screenshot above references this command: mov rsi, QWORD PTR ds:0x60017c This threw me because I didn’t know what it was saying.  After so... »

Assembly – Moving Data

Course notes from Vivek Ramachandran’s online class “x86/64 Assembly and Shellcoding on Linux” Common Data Moving Instructions MOV The mov keyword in Assembly allows for moving data within the Assembly program.  This command can be used to move data: Between registers From memory to a register and vice versa Data to register Data to memory LEA (Load Effective Address) This loads ... »

Assembly – Data Types

Course notes from Vivek Ramachandran’s online class “x86/64 Assembly and Shellcoding on Linux” Byte = 8 bits Word = 16 bits Double Word = 32 bits Quad Word = 64 bits Double Quad Word = 128 bits »

Assembly – Writing Hello World

Course notes from Vivek Ramachandran’s online class “x86/64 Assembly and Shellcoding on Linux” This is a simple hello world application, written in assembly.  When run, it will output to the screen the words “Hello World.”  Below, I will go through the phases of how I constructed it, based on the course material linked at the top of this post. Phase I: Sections When s... »

Statically Typing Better Performance?

I’ve heard this quite a bit about dynamically typed languages (like Python, Ruby, Groovy, etc.), and it actually makes a lot of sense.  If the compiler doesn’t have to discover/look up what something is, it should be faster, right? Python / Cython Check out this article on Python and Cython: Just by statically defining the variables/params... »

Automated Audio Detection

There aren’t a lot of libraries to accomplish this task of validating audio playback.  I saw this question on Stack Overflow and my solution was to provide a script that uses sox for the audio detection. Test Browser Based Phone Audio Presence With web phone calls, you have two major protocols: WebRTC and RTMFP.  The latter is Flash based.   Usually WebRTC is the choice decision – but i... »

Groovy & Selenium

I’m not a fan of the GEB browser automation framework for Groovy.  In fact I prefer to use just straight selenium with Groovy. Getting up and going with Selenium in Groovy should be pretty easy. If you’re using Intellij here’s what you would do: Download the Selenium standalone server jar  & the Selenium Java jar Create a new Groovy project in Intellij In the new Intellij Gro... »

OSX: Geolocating Laptop History based on SSID

Concept The concept for this came from the book Violent Python: A Cookbook for Hackers, Forensic Analysts, Penetration Testers and Security Engineers.  The Python solution was pretty complex and his approach was Windows specific.  In my case I wanted to run the OSX variant command to get my SSID history.  I got the string to do so, and used a RegEx I found online to pull out the BSSID (MAC address)... »

Building a Port Scanner in Groovy, Python & Ruby

My scripts are hard coded to localhost. If you scan a remote host, make sure you have permission to scan it (i.e. your test environment, a client who requests some security testing, etc.) and consider any legal issues in your region. I’m language agnostic.  I love the Watir framework in Ruby for web automation (due to the community behind it), and I love Groovy/Grails for the web developme... »

Updating MD5 Tool to Use SHA-256/512 Hashes

Back in the previous post on making a tool to find MD5 hash values… we were limited to just MD5 hash types.  To add more support for testing, I added support for more hash types (SHA-256 and SHA-512), by doing the following: Controllers The functions in the AddToDictionaryController: def submitToDictionary(){ def newWord = params.newWord def digest = MessageDigest.getInstance... »

Java Basics: Class Constructor and Set Methods

Within the Java paradigm there is an idea of Getters and Setters.  The idea behind this is encapsulation… that is, to keep most of a class private, except for specific methods you want to expose. For example, consider you had a class called Broker.  Perhaps you don’t want all the elements in the class exposed, but you do want people to be able to get Broker names and set Broker names. ... »

Java Basics: Operator Order

In Java there is an order to how operators are evaluated. * (multiplication), / (division) and % (modulo) are evaluated first. + (addition) and – (subtraction) are evaluated next. = (assignment) is evaluated last. When there are multiple operators that would be evaluated at the same level, they are picked in order from left to right. For example: answer = a*b%c – d/e+f would be resolved in ... »

Java Basics: Data Hierarchy

The data hierarchy of Java (from smallest to largest) is: Bits (or binary), which are values of 0 or 1. Characters, which are single values of numbers or letters (or Unicode characters.) Fields, which are composed of characters (more than one.) Records, which are several fields. Files, which contain multiple records.   »

Java Basics: Abstraction & Interfaces

Java:Basics – Interfaces Like Python, Ruby and other languages, Java is big on inheritance. One can define functionality in a super class and extend that into sub classes (sub classes inheriting from the parent class.) Abstraction In Java, you can define a parent class as being abstract.  More than that, you can define the methods in the class as abstract as well.  This allows the methods to... »

Java: Infection Simulator

A while back I wrote a vampire infection sim in Python, as well as Groovy and Ruby.  Below is a simplified version written in Java. Concept The idea behind this simulator is to take a population of people and a virus infection.  To simplify the calculation we will generate stats on the strength of an individual human (member of the population) and the strength of the virus (virulency.) The sim will... »

Node: Inheritance

Using the events and util classes in the core Node library, we can define inheritance: var Events = require('events'); var util = require('util'); function hello() { this.greeting = "Hi!"; } util.inherits(hello, Events);   »

Node: Prototype Inheritance

Function construction in Node is pretty straightforward: function someFunction(){ console.log("hi"); } Functions can also be assigned to a variable like so: var greeting = function someFunction(){ console.log("hi"); } You can also follow a class type pattern doing something such as: function Car(make, model, year){ this.make = make; this.model = model; this.year = year; } v... »

Prototyping with Node.js

My use of the word prototype is not the function, but rather the concept.  One of my IT mentors taught me that prototyping an application is extremely useful. That is to say, to quickly create a functioning application in some scripting language.  Then, if the app’s logic is sound, one can transition it to a different language if needed. Node.js In my current situation, I had a tool I wrote... »

Node.js – Managing Dependencies

Similar again to the Ruby Gemspec, Node.js has a file that manages all the dependencies for the project. This is managed through a file called package.json.  In the JSON formatted file, you simply add the dependencies you’re wanting in the project, along with the version. Here’s an example: { "name": "NodeJS", "version": "0.0.0", "private": true, "scripts": { "start": "node ./bin/www" ... »

Node.js – Installing Libraries and Frameworks

This article assumes you have Node.js and NPM installed. Similar to Ruby and its gem methodology, Node.js has a structure for installing libraries through NPM. Installing to a Single Project Simply go to the directory of your project and type the command npm install [library name] You can also use npm uninstall [library name] This installs the library or framework into the project you’... »

Node.js – Intellij SetUp

This article assumes you’ve installed Node.js on the computer. In order to make use of Node.js and the Express.js framework in Intellij, you need to install the plugin. This is how it works on OSX, Windows should be similar…. When you launch Intellij, close any project that opens. Make sure you’re at the “Welcome to Intellij” window. In the bottom right of the window ... »

Form Fuzzing with Python and Mechanize

Another module in the Python standard library is that of Mechanize.  Mechanize is a Python headless browser.  With Mechanize you can interact with web applications.  This could allow for headless verification of functionality (QA) or could be used in Penetration Testing. Proof of Concept with Python Mechanize In the following POC, I wrote a little script that interacted with some test web apps I ... »

Link Harvesting in Python

I’ve done extensive work with link validation in websites, using a mix of Ruby / Anemone (spidering library) and Watir (web automation library.) In this post I’ll cover a similar approach from the Python side using Python and BeautifulSoup.  What’s nice about this pairing is that it’s all part of the standard library in Python.  You don’t have to install or download a... »

Python – Processes

In taking Vivek Ramachandran’s course on Python for Pentesting, in lecture 13 he deals with the subject of processes.  Personally I feel he jumps into a more intermediate/advanced topic from where we were in the previous lectures. Because of that jump in difficulty, I pulled some information from various sources to help digest what he’s teaching here. What is a Process vs. a Thr... »

Python & Pentesting: Signals Exercise

At the Pentester Academy I took a course called Pentesting with Python.  It’s a great course… if you have an interest in Python and Security, I highly recommend it. Task The instructor (Vivek Ramachandran) provides student exercises at the end of most of the lectures.  In lesson 16 (on signaling) he asks the students to write a Python script that does the following: Create a TCP server... »

Python Port Banner Grabber

As this is considered an Active and not Passive Scan, be sure you either own the hardware you are port scanning, or you have permission to do so.  The legalities depend on geolocation, but in some cases have involved arrest, detainment or fines.  Again – be sure you have permission (or own the network in question) to perform a port scan. Banner Grabber Rather than use a 3rd party tool, a si... »

Hacking Biofeedback Machines with Python

Overview This walk-through will make use of Python and Wireshark to sniff data packets out of a commercial product with bio sensors (heart rate and GSR.)  We will pull data from an iOM device that has no public endpoints and a closed API.  We will make use of a packet sniffer (Wireshark) and Python to write a few lines of code to listen to the port and send the commands we discover in the sniffing... »

R: Reading Data

When importing data from a file into R, the common methods are: read.table() read.csv() read.csv2() read.table() is a common method, but requires more parameters to be passed (file, header, the separator, row names, number of rows.) It also reads the data directly into your computer’s RAM, which for big data sets could be a problem. If it is a big data set, it might be more prudent (if us... »

R: Getting and Importing Data

R can directly import data from URLs by using the following syntax: fileCameras <- "" download.file(fileCameras, destfile="baltimore_cameras.csv",method="curl") »

NASA’s OpenNEX Datasets

NASA has a really cool website: The website allows you to access large data sets and connect to virtual labs using Amazon AWS. Not only do you get the data sets and virtual labs, but you also have the ability to win prizes and listen to various lecturers on this subject matter. Caveat While it’s all free, AWS is a tricky p... »

R Functions

Much like my other basic post on functions… R has its own use of functions. In R, you assign a function class to an object (remember in R class and object mean something different than in OO languages.)  A class is like a type (int, character, etc.) and an object is like the symbol. f <- function(argument){    some code } In the above example, the symbol (object) f is set to the clas... »

R Control structures

Much like other languages, R has a set of control structures.  Namely: If / else (if a condition is met, do something) For (loop for x number of times) While (while something is true, loop) Repeat (infinite loop) Break (exit a loop) Next (skip an iteration of a loop) Return (exit a function) IF If you are familiar with Java or Groovy, the R if statement looks the same: if(some condition){    run s... »

R Info – basics

R Basics R History R is derived from S that came from Bell Labs.  S was written over Fortran.  S was later rewritten to be driven by C. R Types base types in R are called “atomic” types. The atomic types in R are: character numeric (real numbers) integer complex logical (boolean) Vector most basic object in R contains objects of the same class The only type of vector that can have different atomic... »

Ruby Performance Testing with Watir

A reader of mine asked me how they should go about performance testing some front end performance.  This is a good question, because tools such as JMeter are pretty good at getting performance metrics for load – but you must keep in mind that JMeter isn’t a browser and doesn’t always find front end performance issues. For example, if a user had an AJAX call on a web page, and they... »

Ruby: Querying a MySQL database

This is a short and easy little post regarding Ruby and using it to query a MySQL database… This came up for one of my students.  I wanted him to get used to finding solutions to problems. I gave him a problem of validating some activity by automating a SQL call to a database.  Any language could be used, but since we were working with Web Automation I picked Ruby. There’s a variety of... »

Web Automation with CSV Imports

I had a real life request at work the other day.  My boss had a goal of migrating some phone numbers to different POPs.  In fact he had a large list – 4,000+ numbers.  The carrier in question only had a web interface for this task (no API) and the web interface would only take one number at a time.  The carrier’s website was slow, taking about 10 seconds for time to find a number in th... »

Automating SEO, Link and Page Validation

Note #1: make sure you have the right to test or crawl the site you are obtaining links from or testing the title and meta data of.  To fire off a test like this against a random site could result in your IP being banned by the admin.  It could also be deemed an attack by some. Note #2: If you have permission and the site you are testing is hosted by GoDaddy, you will have to work with Tier 2 supp... »

Installing Nokogiri on OSX

This is such a pain to install on OSX.  Due to Xcode or some other nonsense, OSX has a real hard time getting the required libs to get Nokogiri installed… you can try and follow the directions on the Nokogiri main site but it won’t work. The solution I found in a comment on Stack Overflow and I’m listing it here for further reference: gem install nokogiri -- --wi... »

Ruby Image Scraper

A guy I know was looking for a script that could pull down images off his site. I had a previously made Ruby script that would scrape URLs and load each link in a browser to check for patterns, errors, etc. Using that same script, I added some Nokogiri scripting I found here: My result was this little script... »