Defeating Windows 8 ROP Mitigation

Windows 8 introduced a number of exploit mitigation features, including hardening of both the userland and kernel heaps, mitigation against kernel-mode NULL pointer dereferences, and protection against abuse of virtual function pointer tables. One feature that stood out to me appears to be designed to help mitigate exploits leveraging return-oriented...

Pivoting from the ARP attack

Pivoting from the age-old ARP attack. Translating layer 2 local addresses to layer 3 globally routable addresses is the sole responsibility of the Address Resolution Protocol. ARP spoofing is a fun way to mess with your roommates, get an A in a security class at your local college, impress your tech-savvy boss, take a practical approach to learning...

WLAN Penetration Test

OSINT and pre-game show for an on-site WLAN Penetration Test. Wireless Penetration Testing, in my opinion, is one of the most fun parts of Ethical Hacking. It incorporates application exploits once you are on the WLAN/LAN, web application hacking to attack router web interfaces, and a lot of networking tradecraft. Needless to say, gaining complete control...

Configuring Network Level Authentication for RDP

Recently there has been a lot of attention given to the Remote Desktop Protocol by attackers. The protocol saw a worm in 2011 that abused weak passwords and its features to copy files and infect other machines, and now in 2012 there is a remote code execution bug in the protocol itself. Since the days of Vista and Windows 2008 Microsoft...

Finding Evil: Automating Autoruns Analysis

You can buy appliances to put in your network in an effort to find evil on systems in your enterprise. I know a wicked smart individual who develops one such system and I strongly recommend you check them out, especially if you can afford them. But let's say you didn't budget for one of these systems this year; there's still something you can...