Welcome to DefendHackers. If you want to apply to join the blogroll as an author with h4ckfreak, mail me at suren.click@gmail.com

Mark Zuckerberg tells 8th graders “there’s no shortcuts” and to make friends

By h4ckfreak

Saturday, August 20, 2011

Detecting Web application firewall during Pentesting

Penetration testers often overlook this when testing web applications: most web applications are protected by an application firewall, and it is not easy to find out which firewall is in use. This is where the tool “WAFW00F” comes in. It can fingerprint 20 WAF products, which helps a pentester identify and analyse the web application.

http://code.google.com/p/waffit/

WAFW00F allows you to fingerprint WAF products protecting a website. The tool as of now can fingerprint 20 WAF products. How can it do that? Possibly, it is looking at the following:

* Cookies – Some WAF products add their own cookie in the HTTP communication.
* Server Cloaking – Altering URLs and Response Headers.
* Response Codes – Different error codes for hostile pages/parameter values.
* Drop...

Basics of remote exploits writing

Many people prefer to use publicly available exploits rather than writing their own! Let me ask them: why can't you write your own exploits for your attack? (I am just curious about exploits; some available exploits will work only on specified service packs, or might not work if the target has been patched or recently updated.) So I started, almost a couple of weeks ago, reading about metaX. Thanks to Shobit (Hackersbay) for sharing the book, which helped me a lot to learn. I have just dipped my head into the ocean of exploit writing. I want to show you all what I have been doing all day for a week. I hope my last post regarding Xploit writing...

Exploit Writing (Complete Guidelines For Pen Testers)

I put some time in and compiled a list in a course-type layout to help people in the process of learning exploit development. I hope my research will help others spend more time learning and less time searching. First off, I want to thank the corelan guys for the help they have provided me so far in the process.

Layout: I will be posting in a hierarchical structure; each level of the hierarchy should be fully understood before moving on to the next section. I will also post sets of parallel learning topics that you can study in line with other topics to help prevent monotony. These parallel areas will have a start and end mark which shows when they should be complete in perspective to the overall learning.

Desktop background: Link to Backgrounds

Other posts like this one: Because...
