Search:

amolnaik4 · 05-10-2013, 10:22 AM

Hello All,

I'm n00b in fuzzing & exploitation field. I wanted to learn the art of analysis of crashes generated from fuzzing.

Can you guide me for the resources which are useful for learning...

amolnaik4 · 05-09-2013, 04:34 PM

Very nice Vinnu.

koi muze analysis sikha do yaar :)
Can't Understand which crash is exploitable and which one not.

amolnaik4 · 04-11-2013, 11:44 PM

i use SOAP client, Live HTTP Headers & REST client ... all Firefox addons for testing web services. Now you'll be able to use IronWASP as well.

amolnaik4 · 04-04-2013, 03:05 PM

Firewalking with nmap:
Firewalking with nmap | DiabloHorn

AMol NAik

amolnaik4 · 04-01-2013, 05:54 PM

PDF:
http://defcon-russia.ru/15/Nokia_reward_recognition.pdf

AMol NAik

amolnaik4 · 02-27-2013, 05:04 PM

I'll be available on Sunday morning, Thursday evening is not possible.

See you all at @nullcon.

AMol NAik

amolnaik4 · 02-25-2013, 09:50 PM

There is no user used. You need to give "SMBUser" as well along with corresponding password hash "SMBPass".

AMol NAik

amolnaik4 · 02-25-2013, 12:15 AM

Welcome to Garage, Dexter. Kepp learning & sharing knowledge. :)

amolnaik4 · 02-18-2013, 05:11 PM

Couple of nice posts about various types CSRF exploitations:

Apps and Security: Stateless CSRF Protection

Advanced CSRF and Stateless Anti-CSRF

AMol NAik

amolnaik4 · 02-11-2013, 04:11 PM

@r00tc0deL: you should search the forum & the Internet before asking for the help.

Here is one cheat sheet:
http://www.garage4hackers.com/f11/flash-xss-cheat-sheet-3093.html

AMol NAik

amolnaik4 · 02-06-2013, 09:27 PM

Here is the HackPra presentations which talks about some file upload techniques:

File in the hole!

AMol NAik

amolnaik4 · 01-23-2013, 10:21 PM

Welcome to garage .... learn & share the knowledge :)

amolnaik4 · 01-06-2013, 11:05 AM

Looks like you need to allow port 4444 on your router from internet. This is callled as Port Natting.

amolnaik4 · 12-17-2012, 11:38 PM

welcome to garage, karthikp. Hope to see you sharing your knowledge here :)

amolnaik4 · 12-17-2012, 11:36 PM

@karthikp: there is an attack called as Cross-Site Tracing (XST). You should read about this and find out is it still applicable to modern browsers. I'm sure after reading about this attack and...

amolnaik4 · 12-17-2012, 08:01 PM

I'm missing all these meets :(

amolnaik4 · 12-17-2012, 08:00 PM

Good work man ... now we know whom to call when u forgot keys :P

amolnaik4 · 12-11-2012, 09:32 PM

You better use Google to search what u need :)

amolnaik4 · 12-10-2012, 11:46 PM

The best suggession is to learn PHP. You have the code for each security level in DVWA. learn PHP, understand code in each level and try to find solution.

AMol NAik

amolnaik4 · 12-08-2012, 10:06 PM

You should check this;
JSON Hijacking Demystified - SpiderLabs Anterior

AMol NAik

amolnaik4 · 12-07-2012, 10:42 PM

Pentesting Java Thick applications with Burp JDser:
Pentesting Java Thick Applications with Burp JDSer | NetSPI Blog

DSer:
http://www.andlabs.org/tools/DSer/DSer.zip

Javasnoop:...

amolnaik4 · 12-06-2012, 09:50 PM

Flash XSS Cheat Sheet:
http://demo.testfire.net/vulnerable.swf

Amol NAik

amolnaik4 · 11-21-2012, 10:38 PM

Hello All,

Here is the write-up for my OSCP experience:
Secure Belief: My Journey to OSCP

AMol NAik

amolnaik4 · 10-12-2012, 10:45 PM

This is a nice post by Billy Rios about a flaw in Adobe which is interesting to know.

Post:
Billy (BK) Rios » Content Smuggling

AMol NAik

amolnaik4 · 10-12-2012, 10:41 PM

HiTB 2012 Ku Material:

Index of /hitbsecconf2012kul/materials

AMol NAik

Search:

Search: Search took 0.08 seconds.

Thread: Need help to learn Crash Analysis and Exploitation

Thread: Windows 7 64bit exploitation using LdrHotPatchRoutine and bypassing ASLR+DEP

Thread: Hacking Web Services with Burp

Thread: Firewalking with nmap

Thread: Nokia bug bounty program details

Thread: Garage meet post NullCon @Goa

Thread: having trouble in using smb/psexec

Thread: Hello Comrades !

Thread: POST based CSRF attack against Web Applications that use JSON RPC

Thread: Flash Cross Site Scripting[Help me!]

Thread: File upload bypassing techniques in web applications to upload shells

Thread: Newbie from NYC

Thread: msfpayload confusion about the IP

Thread: Hi all

Thread: TRACE method

Thread: Garage4Hackers Pune Meet 29-Dec-2012

Poll: I'm missing all these meets :(

Thread: An affair in the dark - A Real life house penetration project.

Thread: Damn Vulnerable Web App

Thread: Damn Vulnerable Web App

Thread: POST based CSRF attack against Web Applications that use JSON RPC

Thread: Resources for pentesting Java Thick Client Applications

Thread: Flash XSS Cheat Sheet

Thread: My journey to OSCP

Thread: Content Smuggling

Thread: HiTB 2012 Kul Material