Prerequisites You should have already read the previous guide, Breaking Web Applications for Beginners. Even if you're not a beginner, you should at least skim that guide.You should be at the point where you're able to get through the reconnaissance and identification phases quickly for all but the toughest challenges. Overcoming hurdles as an experienced … Continue reading Advanced Tips on Web Application Hacking
The story so far:In the beginning the Internet was created—without any security. This has resulted in countless headaches and been widely regarded as a bad move. ― Douglas Adams (mostly) Prerequisites While this guide doesn't require extensive web development knowledge, it does require a basic understanding of HTTP. In particular: You'll need to know how … Continue reading Breaking Web Applications for Beginners
Humans are bad at passwords. It's true. We're terrible at making them, we're terrible at remembering them, and we're terrible at assessing their quality. It's difficult to emphasize just how terrible we are without demonstrating just how easy they are to break—so that's exactly what we're going to do.
Network traffic analysis can be overwhelming. Even with a solid foundation, it's not unusual for a packet capture to contain so much data that it's difficult to get a sense for what's going on. Improving your analysis techniques can mean the difference between wasting hours on a challenge and solving it in five minutes. Prerequisites … Continue reading Secret Information in Network Traffic Logs: NTA for NCL
Not to be confused with open source software, open source intelligence, often abbreviated OSINT (and not OSI), is the practice of gathering and analyzing information from public sources. This is not to be confused with OSI (which is the Open Systems Interconnection model for networking). Not that many people confuse this. It's mostly just Kait … Continue reading Open Source Intelligence for the National Cyber League Games