You’ve dealt with plenty of protocols over the years—some you’ve used, others you may have reverse‑engineered. Some were easy to read; others were indecipherable without a hex editor. In this article, I’ll show you how to design…
CONTINUE READING 🡒 Category: Stuff
How Keyloggers Evade Antivirus: A C# Proof of Concept
Full-fledged keyloggers packed with features and anti-detection measures can cost dozens, if not hundreds, of dollars. But a keylogger isn’t that complex, and if you want, you can build your own and even evade antivirus detection. In…
CONTINUE READING 🡒 
Python Generators and Iterators: How They Work and When to…
These days, data is steadily becoming the “new oil” in terms of value. The catch is that the volumes we have to process are growing by the hour. Plenty of it won’t fit on a hard drive…
CONTINUE READING 🡒 
Getting Started with VR: A Comprehensive Guide to Virtual Reality…
Public interest in VR waxes and wanes, but the tech keeps getting better. If you’re thinking about picking up a VR headset, this guide is for you: we’ll break down the strengths of what’s on the market…
CONTINUE READING 🡒 
Python Computer Vision: Training a Neural Network for Bear vs.…
You’ve probably heard that neural networks have gotten amazingly good at recognizing objects in images lately. Our goal is to learn how to put them to work, because that power can be useful in all kinds of…
CONTINUE READING 🡒 
Inside Magma: How the Russian GOST R 34.12-2015 block cipher…
In the previous installment of our “import-substitution misadventures,” we took a deep dive into the Kuznyechik (Grasshopper) block cipher defined in GOST 34.12–2015. Alongside Kuznyechik, the standard also specifies another cipher with a 64-bit block size called…
CONTINUE READING 🡒 
Computer Vision with Python: Training a Neural Network for Digit…
Numeric CAPTCHAs used to be a great way to filter out bots, but you hardly see them anymore. You can probably guess why: neural networks now solve them better than we do. In this article, we’ll look…
CONTINUE READING 🡒 
Building a Password Stealer: How to Extract Chrome and Firefox…
You’ve probably heard of a class of malware known as infostealers. Their goal is to exfiltrate valuable data from a victim’s system—most notably passwords. In this article, I’ll explain how they do that using Chrome and Firefox…
CONTINUE READING 🡒 
JavaScript for Smart Homes: Arduino Is Out, ESP32 Takes Over
Interest in the Internet of Things is growing by the day—both Cisco and Samsung have rolled out their own IoT courses. The catch is that most of these courses rely on the companies’ proprietary hardware, which is…
CONTINUE READING 🡒 
Harness the woolly beast! Identifying critical data in code with…
This article discusses three topics: (1) why should AppSec engineers closely monitor sensitive data contained in their products; (2) how to extract the structure of transmitted data from the service code; and (3) how to assess severity for particular fields in found objects in accordance with…
CONTINUE READING 🡒 
Why Learning Assembly Language Still Matters
Are you thinking about learning assembly language but want to understand what benefits it will bring you as a programmer? Is it worthwhile to dive into the world of programming through assembly, or is it better to…
CONTINUE READING 🡒 
Creating and Enhancing Your Own Python Port Scanner
Where does a server attack begin? That's right, with reconnaissance! There are many port scanners available, and they perform their tasks quickly and effectively. However, a true hacker should understand how their favorite tools work, so today,…
CONTINUE READING 🡒 
Create Your Own Game Cheats: Developing a Trainer in C++
Everyone loves playing games, but it's much more exciting when you have an endless supply of ammo and health. To get both, you can search online for cheats and trainers for your favorite game. But what if…
CONTINUE READING 🡒 
Introduction to Assembly Language: Beginner’s Guide to Getting Started
You've decided to learn assembly language but don't know where to start or what tools you need? Let me guide you through it using a "Hello, World!" program as an example. Along the way, I'll also explain…
CONTINUE READING 🡒 
Programming Microcontrollers with Python: High-Level Language for Single-Board Computers
There's a joke that after a long day at the computer, a typical programmer goes home, sits down at the PC, and unwinds in the same way. The truth is even more daunting: many of us, after…
CONTINUE READING 🡒 
Tempesta FW, a handfull firewall against DDoS attacks
DDoS attacks have become a real scourge of the modern Internet. They are countered by both organizational methods (we wrote about them in our magazine more than once) and technical means. The latter are usually either ineffective…
CONTINUE READING 🡒 
Using synctool for server configuration management
The problem of managing a large number of systems is not new, but it has become particularly acute following the spread of clusters and cloud services. A variety of tools has been designed in order to solve…
CONTINUE READING 🡒 
How to find vulnerabilities in routers and what to do…
Often, the manufacturers of routers do not particularly care about the quality of their code. As a result, the vulnerabilities are not uncommon. Today, the routers are a priority target of network attacks that allows to steal…
CONTINUE READING 🡒 
Hackbook #197. Set up Cisco as server, SOP bypass for…
Set up Cisco as server, SOP bypass for Flash and other
CONTINUE READING 🡒 
Oracle DB vulnerabilities: the missing pentester handbook
Today, I would like to discuss the attack vectors used at various stages against the Oracle databases: how to probe the database weaknesses from outside, how to gain a foothold inside and how to automate all this…
CONTINUE READING 🡒