Join our followers
ImmuniWeb Security Blog
Before the 30th of May 2012 attackers were exploiting a new Microsoft Internet explorer 0day. The 30th of May 2012 Google warned Microsoft about this vulnerability existing in the ...
These days many people do not consider post-authentication vulnerabilities dangerous, such as Stored XSS in the administrator’s portion of a web application.
The time where information threats were mostly limited to blind attacks of random targets has gone. Nowadays, many costly compromises are due to highly targeted attacks and ...
Malicious software also known as "Malcode" or "Malware" can compromise the security and functionality of a program. Once "installed" it monitors the user’s habits. This ...
Nowadays, there is a renewed interest in server-side attacks for hackers. According to SANS, attacks against web applications constitute more than 60% of the total attack attempts ...
This document is the second of a series of five articles relating to the art of hooking. As a test environment we will use an english Windows Seven SP1 operating system distribution.
The aim of this paper is to present the P.I.G. software, a private tool developed by High-Tech Bridge to optimize the information gathering phase during penetration tests. This ...
This document is the first of a series of five articles relating to the art of hooking. As a test environment, we will use an English Windows Seven SP1 operating system distribution.
Data prevention Execution (DEP) and Address space layout randomization (ASLR) are two protection mechanisms integrated in Windows operating system to make more complicated the ...
The SEH exploitation technique was publicly documented by David Litchfield in September of 2003. At a high-level, the SEH overwrite technique uses a software vulnerability to ...
Rogue security software reports a virus infection, even if your computer is clean. This kind of "software" could also fail to report viruses when your computer is infected. This ...
Exploiting ActiveX components vulnerabilities in Windows has become a favored method of attackers aiming to compromise specific computers. Such targeted attacks have increasingly ...
