Monday, November 14, 2011

Reversing, exploits, malware analysis and other stuff

A mix of everything

Pentesting stuff

Vulnerable OS/daemons
damn vulnerable linux: http://www.damnvulnerablelinux.org/
damn vulnerable web application: http://www.dvwa.co.uk/
damn vulnerable web services: http://dvws.secureideas.net/
metasploitable: http://blog.metasploit.com/2010/05/introducing-metasploitable.html
ultimate LAMP: http://www.vmware.com/appliances/directory/189

Recon phase
Secrets of Network Cartography: http://www.networkuptime.com/nmap/index.shtml

Exploits
http://www.exploit-db.com/
http://1337day.com/
http://www.vulnerability-lab.com/
http://www.securityaegis.com/the-big-fat-metasploit-post/
VASTO: Virtualization ASsessment TOolkit - http://vasto.nibblesec.org/
http://www.darkoperator.com/tools-and-scripts/
Breaking FDE: http://theinvisiblethings.blogspot.com/2009/10/evil-maid-goes-after-truecrypt.html

Framework
http://www.felipemartins.info/2011/05/pentesting-vulnerable-study-frameworks-complete-list/
http://sourceforge.net/projects/virtualhacking/
http://bailey.st/blog/2010/09/14/pentest-lab-vulnerable-servers-applications-list/

Post-exploitation
http://pentestmonkey.net/cheat-sheet/shells/reverse-shell-cheat-sheet
http://www.room362.com/blog/2011/9/6/post-exploitation-command-lists.html

Physical Security
Lockpicking course by Schuyler Towne http://www.youtube.com/watch?v=VVSL0liiWoc&list=PL66CD42F86F3A1F85&feature=plpp

Information Gathering
Maltego
Shodan
Google Dorks
Metadata

Web app testing
http://michaelhendrickx.com/lilith
http://www.kenahack.com/2011/07/hth-sql-injection.html

Rainbow table
http://www.freerainbowtables.com

Password Lists
http://www.securityaegis.com/a-whole-lotta-passwords/

(my) CTF archive

Forensic stuff

15 incredibly useful (and free) Microsoft tools for IT pros

Source: https://www.networkworld.com/slideshows/2011/071911-microsoft-tools.html

Summary of the tools: (also from the link above)

  1. WSCC – Windows System Control Center - Windows System Control Center is a one-stop downloader for almost 300 maintenance tools from Microsoft's Sysinternals and the ever-popular NirSoft suites.
  2. RichCopy 4.0 - This little Microsoft TechNet invention spares you the headache of learning, checking and retyping command lines.
  3. Microsoft Attack Surface Scanner - Microsoft's Attack Surface Scanner is a sort of checklist that helps you analyze security issues and plug possible vulnerabilities fast.
  4. Microsoft Standalone System Sweeper Tool - In case of a (deep) infection of boot files by viruses or rootkits, there's not much a real-time scanner can do. In that case, MSSSST (yes, that's Microsoft's naming convention at its best) creates a bootable CD, DVD or USB key that hosts an offline copy of Microsoft Security Essentials, including all the latest signatures downloaded from MS servers beforehand.
  5. NoReplyAll add-in for Outlook 2007 and 2010 - "NoReplyAll" (a Microsoft Research Project) prevents e-mail recipients from forwarding or using "Reply All" to spread your e-mail to other co-workers.

Permutation Oriented Programming

Stumbled upon this post a few months ago


<++BOF>


-=[ Introduction
Much work has been done regarding evasion techniques against Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS), but most of it relates to:

 - Packet fragmentation [1]
 - Stream segmentation [1]
 - Byte and traffic insertion [1]
 - Polymorphic shellcode [2]
 - Denial-of-Service [1]
 - URL obfuscation (+ SSL encryption) [3]
 - RPC fragmentation [4]
 - HTML obfuscation [5] and JavaScript obfuscation [6]
 - Etc.
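The first three items in that list (fragmentation, stream segmentation, byte insertion) are the classic Ptacek and Newsham problem: the IDS and the target host do not necessarily see the same byte stream. The following is an added example written for this post, not code from the quoted paper or from any IDS. It models a signature matcher three ways: per packet, after reassembly at the sensor, and after target-aware reassembly. Everything in it is an assumption made for the demo: the signature `/bin/sh`, a first-received-wins overlap policy, an HTTP request constructed by hand, and a target three router hops behind the sensor.

```python
from dataclasses import dataclass

# Byte pattern the hypothetical signature IDS looks for (assumption for the demo).
SIGNATURE = b"/bin/sh"


@dataclass
class Segment:
    """One TCP segment as seen on the wire: stream offset, payload, IP TTL."""
    seq: int
    data: bytes
    ttl: int = 64


def per_packet_match(segments):
    """Naive IDS: inspects each segment's payload in isolation."""
    return any(SIGNATURE in s.data for s in segments)


def reassemble(segments, hops_to_receiver=0):
    """Rebuild the byte stream as a receiver `hops_to_receiver` routers away
    would see it. A segment whose TTL is exhausted before it gets there is
    dropped; where two surviving segments overlap, the first one received
    wins. (First-wins is one common policy, assumed here; real stacks differ,
    which is why target-based reassembly has to model the actual host.)"""
    stream = {}
    for s in segments:                     # arrival order matters for overlaps
        if s.ttl <= hops_to_receiver:      # TTL reaches zero before the receiver
            continue
        for i, b in enumerate(s.data):
            stream.setdefault(s.seq + i, b)
    if not stream:
        return b""
    return bytes(stream.get(i, 0) for i in range(max(stream) + 1))


def stream_match(segments, hops_to_receiver=0):
    """Reassembling IDS. hops_to_receiver=0 models a sensor that reassembles
    from its own vantage point; a larger value models a target-aware sensor
    that knows how far away the protected host is."""
    return SIGNATURE in reassemble(segments, hops_to_receiver)


# --- constructed sample traffic (made up for this demo, not captured) -------
REQUEST = b"GET /cgi-bin/x.cgi?cmd=/bin/sh HTTP/1.0\r\n"
PLAIN = [Segment(0, REQUEST)]

# Stream segmentation: cut the request in the middle of the signature so that
# no single segment carries "/bin/sh".
cut = REQUEST.index(SIGNATURE) + 3
SEGMENTED = [Segment(0, REQUEST[:cut]), Segment(cut, REQUEST[cut:])]

# Byte insertion: a decoy segment with TTL 1 carries "XX" at the position of
# "sh". A sensor in front of the first router accepts it; the target, three
# router hops away, never receives it and sees the real "sh".
prefix = REQUEST[:REQUEST.index(SIGNATURE) + len(b"/bin/")]
INSERTED = [
    Segment(0, prefix),
    Segment(len(prefix), b"XX", ttl=1),
    Segment(len(prefix), REQUEST[len(prefix):]),
]
HOPS_TO_TARGET = 3   # assumed distance between the sensor and the target host

if __name__ == "__main__":
    for name, segs in (("plain", PLAIN), ("segmented", SEGMENTED), ("inserted", INSERTED)):
        print(f"{name:9s} per-packet={per_packet_match(segs)!s:5} "
              f"reassembled@sensor={stream_match(segs)!s:5} "
              f"target-aware={stream_match(segs, HOPS_TO_TARGET)}")
```

Run it and the three rows tell the story: the segmented request is missed by the per-packet matcher but caught once the sensor reassembles; the inserted request is missed even by the reassembling sensor, because it honours the decoy bytes the host will never see, and is only caught when reassembly is done from the target's point of view. The fix on the defensive side is not a better signature but reassembly that matches the host's stack and path (TTL, checksum, overlap policy).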

Defcon19 CTF Quals Write-ups

Disclaimer: I didn't write any of these write-ups