ITS Blog

IT Security blog – about up to date topics on IT security

Browsing Posts in Hacking

Openwall just released the 1.7.7 Jumbo 5 patch of John The Ripper to download From Openwall: “This patch integrates lots of contributed patches adding support for over 40 of additional hash and cipher types (including popular ones such as NTLM, raw MD5, etc.), as well as some optimizations and features. Most likely, this is the […]

Currently I am focusing on the topic of password security and guessing of passwords. For this work I started to analyse the famous rockyou password list. This list was leaked in December 2009 [wikipedia]. The list can be found on various sources for example at SkullSecurity, where are a lot more lists as well. Taking […]

On Thursday I attended a workshop on Red Team Testing. Red Team testing comes from military jargon. It means to try to break into a facility. Not only on electronic or network way but also, if needed, physically. At the very first beginning there was a video presented, showing a show called Tiger Team […]

This is the next article in our hacking a website series. To hack a website we need to know the different ways how to perform the attack. These ways are also called attack vectors. Our first vector is Cross Site Scripting. Cross Site Scripting is an attack against the user of a website. An Attacker […]

Following up the announcement, that we a going to hack a website, there are further preparation needed. By now you should have installed VirtualBox to be able to run the Website in a virtual environment. What is missing are the images of our Test site: DVWA – The Damn Vulnerable Web Application DVWA will be […]

In the next weeks I would like to hack a website together with you in order to have a deep look into the web security area. It will be shown how hackers are trying to execute code on a website and which¬† typical problems can occur in case a programmer writes code for a highly […]