ICRANIUM

Web Application Security & Hacking | Protocol Details (part 5)

* Please read our disclaimer before proceeding Understanding HTTP headers In part 4 of this series we discussed the HTTP protocol and the different methods it uses. In this part we’ll discuss that information in more detail, with particular attention to the request and response headers. Analyzing header information We saw that all HTTP messages (requests and… Read More

Web Application Security & Hacking | Analyzing Protocols (part 4)

* Please read our disclaimer before proceeding Understanding web protocols In part 3 of this series we discussed the different architectures and possible roles within a web architecture. In this part we’ll discuss the underlying protocols and structures in more detail. Analyzing HTTP Hypertext transfer protocol (HTTP) is the core communications protocol used to access… Read More

Web Application Security & Hacking | Architecture (part 3)

* Please read our disclaimer before proceeding Understanding web architectures In part 2 of this course we discussed the different architectures and possible roles within a web architecture. In this part we’ll discuss this in more detail. Web client and web server The client/server model is a computing model that describes the interaction between the… Read More

Web Application Security & Hacking | Overview (part 2)

* Please read our disclaimer before proceeding Understanding web architectures In part 1 of this course we discussed the different stages of a hack. Now it’s time to first gain a bit more understanding and background information about web application architectures. To have a successful test of your web application you need to have a… Read More

Web Application Security & Hacking | Hacking basics (part 1)

* Please read our disclaimer before proceeding Foreword This course is a practical guide to discovering and exploiting security flaws in web applications. By “web applications” we mean applications that are accessed using a web browser to communicate with a web server infrastructure. Web applications are common in most organizations today. Vulnerabilities in… Read More

NEW! Free Web Application Security & Hacking Series

Hi there! It’s been a while since I’ve published some new material on this website, but finally! And how! Starting off this month with a whole new series concerning Web Application Security & Hacking and Security Architecture. Both of them are handed out in parts. Have fun!

The Danger of Portable Media

Surprisingly, many companies aren’t worried about employees using a private USB stick or hard disk to take some data from the company network and do some work at home. However, portable storage devices pose a serious security threat. They can be lost or intentionally used to leak sensitive data, and introduce serious trouble into… Read More

Services hardening within Windows Server 2008 and Windows 7

In the past, Windows services have been behind a large number of attacks on the Windows platform. An attacker can rely on Windows services because the most common ones are almost always present on a Windows machine, which creates a highly predictable situation, and of course this all comes with the privilege level of services. This… Read More

Windows integrity level mechanism (WIL)

Vista and later versions of Windows include a new feature called “Mandatory Integrity Controls”, which also became known as “Windows Integrity Levels” (or WILs). Under WIL, every object that can have permissions can also have a label, stored in roughly the same place as its permissions, that identifies its “integrity level.” This article discusses… Read More