Looking to step up your web app pentesting and bug bounty skills? In this video, Alex from TCM Security walks you through some of the best FREE tools and resources to help you sharpen your AppSec knowledge and techniques. Whether you’re just starting out or looking to boost your skill set, these tools are must-haves!
Tag: hacking
hacker TV – Understanding buffer overflow exploitation
The fascinating interplay of CPU, stack, C-compiler and shellcode in a nutshell Everything started with Aleph One’s paper “Smashing the Stack for Fun and Profit”. These techniques are still the basis for modern exploitation of buffer, heap and format string vulnerabilities. We will give a swift overview about C functions, stack usage, assembler, gcc, gdb Read More …
What is the Internet of Things – IoT
The Internet of Things, commonly known as IoT, refers to a network of physical objects or “things” that are connected to the internet and can communicate with each other. These objects can range from everyday household items to sophisticated industrial machines. The key idea behind IoT is that these devices can collect and share data, Read More …
Hacker TV – Hacker Course Buffer Overflow
A first step to become a true Hacker.
Hacker TV – Kerberoasting & Attacks 101
Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? Tim Medin walks you through how to attack Kerberos with ticket attacks and Kerberoasting. He covers the basics of Kerberos authentication and then shows you how the trust model can be exploited for persistence, pivoting, and privilege escalation. At the conclusion, Read More …
DDoS – Distributed Denial of Service
A Distributed Denial of Service (DDoS) attack is a malicious attempt to disrupt the normal functioning of a targeted server, service, or network by overwhelming it with a flood of internet traffic. DDoS attacks are executed using multiple compromised computer systems, often referred to as a botnet, which are controlled by the attacker. These botnets Read More …
Malware TV – Reverse Engineering
CTF Field Guide Alex Sotirov, Reverse Engineering 1, Fall 2011
Hacker TV – What Is An XXE Attack?
XML files can incorporate inline references to other documents. Unsafe treatment of external references allows an attacker to probe your file system for sensitive information – an XML External Entity (XXE) attack.
Conference Video – Dirty Red Team tricks
Let’s time travel to 2003 with today’s tools and own everything. This talk takes you inside the red teams at the North East and Mid Atlantic Collegiate Cyber Defense competition events. Raphael Mudge, the developer of the Armitage Metasploit GUI, will guide you on this journey. You will learn how to automate Metasploit, nmap, and Read More …
Conference Video – Fantastic OSINT and where to find it
Open-Source security intelligence is bountiful if you know where to look. The goal of my talk is show you where to find this data, how to utilize it, and how the data you find can be enriched through free and/or commercial tools.