About Steve Graham

So far Steve Graham has created 18 blog entries.

Hacking Web Applications

Web applications provide an interface between end users and web servers through a set of web pages generated at the server end or that contain script code to be executed dynamically within the client Web browser. Parameter tampering; Directory traversals; Cross-Site Scripting (XSS); Web Spidering; Cookie Poisoning and cookie parameter tampering [...]

July 16th, 2014|Categories: Ethical Hacking Exercises, Hacking Web Applications

Cryptography

Cryptography is the practice and study of hiding information. Modern cryptography intersects the disciplines of mathematics, computer science, and electrical engineering. Cryptology prior to the modern age was almost synonymous with encryption, the conversion of information from a readable state to one that didn't make sense. Use encrypting/decrypting commands; Generate [...]

July 16th, 2014|Categories: Cryptography, Ethical Hacking Exercises

Buffer Overflow

Buffer overflow is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety. Buffer overflows can be triggered by inputs that are designed to execute code, or alter the way the program operates. This may result [...]

July 16th, 2014|Categories: Buffer Overflow, Ethical Hacking Exercises

Evading IDS, Firewalls and Honeypots

An Intrusion Detection System (IDS) is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station. Some systems may attempt to stop an intrusion attempt but this is neither required nor expected of a monitoring system. [...]

July 16th, 2014|Categories: Ethical Hacking Exercises, Evading IDS, Firewalls and Honeypots

Hacking Wireless Networks

A wireless network refers to any type of computer network that is wireless and is commonly associated with a telecommunications network whose interconnections between nodes are implemented without the use of wires. Wireless telecommunications networks are generally implemented with some type of remote information transmission system that uses electromagnetic waves such as radio waves for [...]

July 16th, 2014|Categories: Ethical Hacking Exercises, Hacking Wireless Networks

SQL Injection

SQL injection is a technique used to take advantage of non-validated input vulnerabilities to pass SQL commands through a web application for execution by a backend database. Understanding when and how a web application connects to a database server in order to access data; Extracting basic SQL injection flaws and [...]

July 16th, 2014|Categories: SQL Injection

Hacking Web Servers

A web server, which can be referred to as the hardware, the computer, or the software, is the computer application that helps to deliver content that can be accessed through the Internet. Most people think a web server is just the hardware computer, but a web server is also the software computer application that is [...]

July 16th, 2014|Categories: Ethical Hacking Exercises, Hacking Webservers

Session Hijacking

Session hijacking refers to the exploitation of a valid computer session where an attacker takes over a session between two computers. The attacker steals a valid session ID, which is used to get into the system and sniff the data. In TCP session hijacking, an attacker takes over a TCP session between two machines. Since [...]

July 16th, 2014|Categories: Ethical Hacking Exercises, Session Hijacking

Denial of Service

Denial-of-Service (DoS) is an attack on a computer or network that prevents legitimate use of its resources. In a DoS attack, attackers flood a victim's system with illegitimate service requests or traffic to overload its resources and prevent it from performing intended tasks. Create and launch a Denial-of-Service attack on a [...]

July 16th, 2014|Categories: Denial of Service, Ethical Hacking Exercises

Social Engineering

Social engineering is the art of convincing people to reveal confidential information. Social engineers depend on the fact that people are aware of certain valuable information and are careless in protecting it. Clone a website; Obtain user names and passwords using the Credential Harvester method; Generate reports for conducted penetration tests [...]

July 16th, 2014|Categories: Ethical Hacking Exercises, Social Engineering