You’ve probably heard that neural networks have gotten amazingly good at recognizing objects in images lately. Our goal is to learn how to put them to work, because that power can be useful in all kinds of…
CONTINUE READING 🡒 Category: Stuff
Inside Magma: How the Russian GOST R 34.12-2015 block cipher…
In the previous installment of our “import-substitution misadventures,” we took a deep dive into the Kuznyechik (Grasshopper) block cipher defined in GOST 34.12–2015. Alongside Kuznyechik, the standard also specifies another cipher with a 64-bit block size called…
CONTINUE READING 🡒 Computer Vision with Python: Training a Neural Network for Digit…
Numeric CAPTCHAs used to be a great way to filter out bots, but you hardly see them anymore. You can probably guess why: neural networks now solve them better than we do. In this article, we’ll look…
CONTINUE READING 🡒 Building a Password Stealer: How to Extract Chrome and Firefox…
You’ve probably heard of a class of malware known as infostealers. Their goal is to exfiltrate valuable data from a victim’s system—most notably passwords. In this article, I’ll explain how they do that using Chrome and Firefox…
CONTINUE READING 🡒 JavaScript for Smart Homes: Arduino Is Out, ESP32 Takes Over
Interest in the Internet of Things is growing by the day—both Cisco and Samsung have rolled out their own IoT courses. The catch is that most of these courses rely on the companies’ proprietary hardware, which is…
CONTINUE READING 🡒 Harness the woolly beast! Identifying critical data in code with…
This article discusses three topics: (1) why should AppSec engineers closely monitor sensitive data contained in their products; (2) how to extract the structure of transmitted data from the service code; and (3) how to assess severity for particular fields in found objects in accordance with…
CONTINUE READING 🡒 Why Learning Assembly Language Still Matters
Are you thinking about learning assembly language but want to understand what benefits it will bring you as a programmer? Is it worthwhile to dive into the world of programming through assembly, or is it better to…
CONTINUE READING 🡒 Creating and Enhancing Your Own Python Port Scanner
Where does a server attack begin? That's right, with reconnaissance! There are many port scanners available, and they perform their tasks quickly and effectively. However, a true hacker should understand how their favorite tools work, so today,…
CONTINUE READING 🡒 Create Your Own Game Cheats: Developing a Trainer in C++
Everyone loves playing games, but it's much more exciting when you have an endless supply of ammo and health. To get both, you can search online for cheats and trainers for your favorite game. But what if…
CONTINUE READING 🡒 Introduction to Assembly Language: Beginner’s Guide to Getting Started
You've decided to learn assembly language but don't know where to start or what tools you need? Let me guide you through it using a "Hello, World!" program as an example. Along the way, I'll also explain…
CONTINUE READING 🡒 Programming Microcontrollers with Python: High-Level Language for Single-Board Computers
There's a joke that after a long day at the computer, a typical programmer goes home, sits down at the PC, and unwinds in the same way. The truth is even more daunting: many of us, after…
CONTINUE READING 🡒 Tempesta FW, a handfull firewall against DDoS attacks
DDoS attacks have become a real scourge of the modern Internet. They are countered by both organizational methods (we wrote about them in our magazine more than once) and technical means. The latter are usually either ineffective…
CONTINUE READING 🡒 Using synctool for server configuration management
The problem of managing a large number of systems is not new, but it has become particularly acute following the spread of clusters and cloud services. A variety of tools has been designed in order to solve…
CONTINUE READING 🡒 How to find vulnerabilities in routers and what to do…
Often, the manufacturers of routers do not particularly care about the quality of their code. As a result, the vulnerabilities are not uncommon. Today, the routers are a priority target of network attacks that allows to steal…
CONTINUE READING 🡒 Hackbook #197. Set up Cisco as server, SOP bypass for…
Set up Cisco as server, SOP bypass for Flash and other
CONTINUE READING 🡒 Oracle DB vulnerabilities: the missing pentester handbook
Today, I would like to discuss the attack vectors used at various stages against the Oracle databases: how to probe the database weaknesses from outside, how to gain a foothold inside and how to automate all this…
CONTINUE READING 🡒 Dive into exceptions: caution, this may be hard
Modern versions of OS impose security-based restrictions on executable code. In this context, the use of exception-handling mechanism in injected code or, say, in the manually projected image may become a non-trivial task, that is, if you…
CONTINUE READING 🡒 Full kit of a Security Officer for $100
Our goal is the carry-on gadgets that justly could be included in the usual of a hacker, a young-gun detective or an info security officer. Today we are going to talk about usage and modify of different…
CONTINUE READING 🡒 Deceiving Blizzard Warden
Nowadays, embedded process and its environment tracking system designed to prevent various unauthorized code modifications is no surprise to anyone: almost any somewhat popular multi-player game project has something similar. In this article we will analyze the…
CONTINUE READING 🡒 In the Depths of iCloud Keychain
The secure storage of passwords and their synchronization between devices is definitely not a simple task. About a year ago, Apple introduced to the world the iCloud Keychain, its centralized password store for Mac OS X and…
CONTINUE READING 🡒