recentpopularlog in

whip_lash : development   39

Engineering career development at Khan Academy | Khan Academy Engineering
We’ve previously shared our Engineering Principles. Today we’re releasing our Engineering Career Development guide.
career  development  engineering 
4 weeks ago by whip_lash
Halcyon IDE
Halcyon IDE lets you quickly and easily develop Nmap scripts for performing advanced scans on applications and infrastructures with a range from recon to exploitation capabilities. It is the first IDE released exclusively for Nmap script development. Halcyon IDE is free and open source project (always will be) to provide an easier development interface to rapidly growing information security community around the world.
ide  programming  Scripting  development  lua  nmap 
7 weeks ago by whip_lash
Practical Symbolic Execution and SATisfiability Module Theories (SMT) 101
Finding bugs is hard, reverse engineering is hard. Constraint solvers are the heart of many program analysis techniques, and can aid Fuzzing, and software verification.

This post contains a few hands-on experiments with Z3, a high performance theorem prover developed at Microsoft Research by Leonardo de Moura and Nikolaj Bjorner. With KLEE, a Symbolic Execution Engine built on top of the LLVM compiler infrastructure developed by Cristian Cadar, Daniel Dunbar, and Dawson Engler. And, angr, a binary analysis framework developed by the Computer Security Lab at UC Santa Barbara and their associated CTF team, Shellphish.
ctf  assembly  exploit  development  reverse-engineering 
12 weeks ago by whip_lash
klks/checksec: x64dbg plugin to check security settings
This plugin was inspired by OllySSEH by Mario Ballano and the linux checksec.sh by Tobias Klein. Please report any bugs/improvements/suggestions.
x64dbg  exploit  development  debugger 
may 2018 by whip_lash
!exploitable Crash Analyzer - MSEC Debugger Extensions - CodePlex Archive
The tool first creates hashes to determine the uniqueness of a crash and then assigns an exploitability rating to the crash: Exploitable, Probably Exploitable, Probably Not Exploitable, or Unknown.
security  Microsoft  debugger  windbg  exploit  development 
may 2018 by whip_lash
0x5 Exploit Tutorial: Porting Your First Exploit to Metasploit
In this edition of the Primal Security blog, we will be taking the exploit found in our first tutorial and porting it over to the Metasploit Framework.
metasploit  exploit  development 
april 2018 by whip_lash
ROP, NX and ASLR - A Love Triangle - Remote Code Execution - CVE-2018-5767 - Fidus InfoSecurity | Cyber Security, Penetration Testing, Red Teaming
In this post we will be presenting a pre-authenticated remote code execution vulnerability present in Tenda’s AC15 router. We start by analysing the vulnerability, before moving on to our regular pattern of exploit development – identifying problems and then fixing those in turn to develop a working exploit.
exploit  development 
february 2018 by whip_lash
CNIT 127: Exploit Development -- Sam Bowne
Learn how to find vulnerabilities and exploit them to gain control of target systems, including Linux, Windows, Mac, and Cisco. This class covers how to write tools, not just how to use them; essential skills for advanced penetration testers and software security professionals.
Advisory: CS 110A or equivalent familiarity with programming
pentest  exploit  development  programming  security  learning  class 
january 2018 by whip_lash
ROP Emporium
Learn return-oriented programming through a series of challenges designed to teach ROP techniques in isolation, with minimal reverse-engineering and bug-hunting.
ctf  programming  security  exploit  development 
january 2018 by whip_lash
The Engineer/Manager Pendulum – charity.wtf
The best frontline eng managers in the world are the ones that are never more than 2-3 years removed from hands-on work, full time down in the trenches. The best individual contributors are the ones who have done time in management.

And the best technical leaders in the world are often the ones who do both. Back and forth.  Like a pendulum.
career  development  management 
august 2017 by whip_lash
Aerotropolis: The Airport-Based Global City of Tomorrow - WSJ.com
Every aerotropolis is locked in competition with every other one, just as every financial center is jostling for position in the new multi-polar international order. The principle is the same: Everyone wants to be the hub; no one wants to be the spokes. This has made the aerotropolis ripe for experimentation when it comes to governance, whether it's simple tax-free zones, the charter cities Mr. Romer proposes, or the "state capitalism" practiced by Dubai or Singapore. (The word "aerotropolis," I should note, was coined by John Kasarda, a business professor at the University of North Carolina and my co-author on the forthcoming book of that title. He is currently working on projects in Indianapolis, Milwaukee and Panama, and has served as a consultant in the past in Detroit, Memphis, Tenn., Dubai, Chongqing and Hyderabad.)
cities  economics  development 
march 2011 by whip_lash

Copy this bookmark:





to read