View full version: A collection of security books and tutorials.
A Buffer Overflow Study - Attacks and Defenses (2002)
Amazon Hacks - (O'reilly-August 2003)
Computer Vulnerability(March 9 2000)
*****proof Your Software(No Starch-2002)
Credit Card Visa Hack(Cambridge Lab-2003)
Ethical Hacking and Countermeasures EC Council Exam 312 50 (OSB- 2004)
Google Hacking for Penetration Tester (Syngress-2005)
Hack Attacks Revealed- A Complete Reference with Custom Security Hacking Toolkit (Wiley-2001)
Hack IT Security Through Penetration Testing (Addison Wesley-2002)
Hack Proofing Your Identity in the Information Age (Syngress-2002)
Hack Proofing Your Network - Internet Tradecraft (Syngress-2000)
Hacker Disassembling Uncovered (A List- 2003)
Hacker's Desk Reference
Hackers Beware (NewRiders -2002)
Hackers Delight( Addison Wesley- 2003 )
Hacking Exposed- Network Security Secrets and Solutions (MCGraw-Hill-2001)
Hacking Exposed- Web Applications (MCGraw-Hill-2002)
Hacking Exposed- Windows 2003 Chapter 5
Hacking for Dummies (John Wiley-2004)
Hacking for Dummies-Access to Other Peoples Systems Made Simple
Hacking Guide v3.1[www.netz.ru]
Hacking-The Art of Exploitation(No Starch-2003)
How Thieves Targeted eBay Users but Got Stopped Instead(Interhack-June 2003)
Maximum Security, 3rd Edition(Sams-April 2001)
Maximum Security_-A Hackers Guide to Protect Your Internet
Network Security Tools (OReilly- Apr 2005)
PC Hacks(Oct 2004)
PDF Hack(Aug 2004)
Practical Study Remote Access (Cisco-December 22, 2003)
Reversing Secrets of Reverse Engineering (Apr 2005)
Spidering Hacks(O'Reilly- October 2003)
Steal This Computer Book 3 What They Won't Tell You About the Internet(No Starch Press c 2003 )
Stealing the Network; How to Own the Box ( Syngress-2003)
The Art of Deception by Kevin Mitnick
The Art of Intrusion-The Real Stories Behind the Exploits of Hackers Intruders and Deceivers (Wiley- Feb 2005)
The Complete History of Hacking
The Extreme Searchers Internet Handbook A Guide for the Serious Searcher (Feb 2004)
Tricks of the Internet Gurus (April 1999)
Underground Hacking Madness & Obsession on the Electronic Frontier (Suelette Dreyfus & Julian Assange-2001)
Web Hacking- Attacks and Defence (Pearson Education-August 08, 2002)
Windows Server Hack(O'Reilly - March 2004)
Windows XP Hacks (O'reilly- August 2003)
DOWNLOAD:
1.http://rapidshare.de/files/8426509/Books.part1.rar (Size, mb: 46.000)
2.http://rapidshare.de/files/8427811/Books.part2.rar (Size, mb: 46.000)
3.http://rapidshare.de/files/8429676/Books.part3.rar (Size, mb: 46.000)
4.http://rapidshare.de/files/8430208/Books.part4.rar (Size, mb: 17.714)
Password: L33T
-----------------------------------------------------
Java How To Program 6th Edition
This special edition of Java How to Program is up-to-date with the Java 2 Platform Standard Edition 1.5. It covers fundamental programming topics and provides several extra chapters so readers can include or omit material as needed. KEY TOPICS: Includes Recursion and Searching and Sorting chapters. Provides extensive complete programming exercises plus "What does this program do?", "What's wrong with this program?", "Complete the program" and "Modify the program" exercises. Covers text-file processing. Features coverage of special topics, such as pre- and postconditions, invariants, testing and debugging, ethics and software engineering. Includes a CD-ROM with every copy of the book that contains: (subject to change) Java™ 2 Platform, Standard Edition 1.5; Netbeans; JCreator LE; jEdit; jGRASP; BlueJ; Source code for all the book's examples; Hyperlinks to valuable Java™ demos and Internet resources. MARKET: A useful brief reference for programmers or anyone who wants to learn more about the Java programming language.
Download:http://download.hadown.com/uploadfile/2006/3/30/18172461219.zip
Cryptography - RSA Encryption Algorithm in a NutShell
http://rapidshare.de/files/14464822/Cryptography_-_RSA_Encryption_Algorithm_in_a_Nut_Shell.rar.html
Type: .pdf
Pages: 35
The Art Of Sql
Book review:
For all the buzz about trendy IT techniques, data processing is still at the core of our systems, especially now that enterprises all over the world are confronted with exploding volumes of data. Database performance has become a major headache, and most IT departments believe that developers should provide simple SQL code to solve immediate problems and let DBAs tune any "bad SQL" later.
In The Art of SQL, author and SQL expert Stephane Faroult argues that this "safe approach" only leads to disaster. His insightful book, named after Art of War by Sun Tzu, contends that writing quick inefficient code is sweeping the dirt under the rug. SQL code may run for 5 to 10 years, surviving several major releases of the database management system and on several generations of hardware. The code must be fast and sound from the start, and that requires a firm understanding of SQL and relational theory.
The Art of SQL offers best practices that teach experienced SQL users to focus on strategy rather than specifics. Faroult's approach takes a page from Sun Tzu's classic treatise by viewing database design as a military campaign. You need knowledge, skills, and talent. Talent can't be taught, but every strategist from Sun Tzu to modern-day generals believed that it can be nurtured through the experience of others. They passed on their experience acquired in the field through basic principles that served as guiding stars amid the sound and fury of battle. This is what Faroult does with SQL.
Like a successful battle plan, good architectural choices are based on contingencies. What if the volume of this or that table increases unexpectedly? What if, following a merger, the number of users doubles? What if you want to keep several years of data online? Faroult's way of looking at SQL performance may be unconventional and unique, but he's deadly serious about writing good SQL and using SQL well. The Art of SQL is not a cookbook, listing problems and giving recipes. The aim is to get you-and your manager-to raise good questions.
Download link: http://rapidshare.de/files/16830744/The.Art.of.SQL.rar (1.7mb)
Password: www.AvaxHome.ru
------
Ten hacker tricks to exploit SQL Server systems
SQL Server runs databases for financial, bank, biotech, Ecommerce, data warehousing, scientific applications, etc. which often require huge data processing with complex formulas or algorithms.
Most of this work is done with TSQL stored procedures and .NET procedures (in SQL Server 2005), however neither one of them can achieve the performance and flexibility of external procedures which are natively compiled code.
http://searchsqlserver.techtarget.com/tip/1,289483,sid87_gci1165052_tax301336,00.html?Offer= SQLwnha217
1251soldier
29.04.2006, 03:19
http://www.cgisecurity.com/articles/xss-faq.shtml - XSS FAQ
_http://www.l0t3k.net/biblio/
Big collection of security docs (about a 400 MB)
www.vistaserver.com
www.btebook.com
www.oebook.com
www.wiretapped.net
www.giuciao.com :rolleyes: ;) :rolleyes: ;) :cool:
Dracula4ever
27.04.2007, 17:00
I guess you all know Cross-Site Scripting attacks are becoming more and more dangerous every day. In the Web 2.0 era, stealing a user cookie\session or hijacking a user browser is almost equal to compromising his box by exploiting a remote code execution vulnerability.
Computer experts say that in the not so far future, operating systems will be no more than just a web browser, all the applications a user needs will be online (take Office Online (http://office.microsoft.com/en-us/default.aspx) for example).
Therefore the phrase “XSS is the New Buffer Overflow, JavaScript Malware is the New Shell Code” is true, no wonder XSS made it the number one attack vector of 2006.
So it’s about time someone will publish an XSS book :)
XSS Attacks - Cross Site Scripting Attacks Exploits and Defense (http://www.amazon.com/Cross-Site-Scripting-Attacks-Exploits/dp/1597491543/sr=1-1/qid=1170769149?ie=UTF8&s=books) written by Jeremiah Grossman, Robert Hansen (RSnake), Petko D. Petkov (pdp), Anton Rager and Seth Fogie, is the first book ever made that is dedicated entirely to Cross-Site Scripting.
From what we can see in the preview (Chapter 5 and the Table of Contents), this book is packed with a lot of attack techniques, covers the simplest attack to the most advanced, universal cross-site scripting attacks, XSS exploitation frameworks and a lot more :cool:
For further information check out the book announcements in Jeremiah’s (http://jeremiahgrossman.blogspot.com/2007/04/xss-attacks-book.html) and RSnake’s (http://ha.ckers.org/blog/20070423/xss-book-preview/) blogs.
Good luck ;)
Dracula4ever
08.05.2007, 12:59
(IN)SECURE Magazine 11
Issue 11 of (IN)SECURE Magazine released.
In this issue:
Review: GFI LANguard Network Security Scanner 8
Critical steps to secure your virtualized environment
Interview with Howard Schmidt, President and CEO R & H Security Consulting
Quantitative look at penetration testing
Integrating ISO 17799 into your Software Development Lifecycle
Public Key Infrastructure (PKI): dead or alive?
Interview with Christen Krogh, Opera Software’s Vice President of Engineering
Super ninja privacy techniques for web application developers
Security economics
iptables - an introduction to a robust firewall
Black Hat Briefings & Training Europe 2007
Enforcing the network security policy with digital certificates
Very interesting stuff! Download (IN)SECURE issue 11 (http://www.net-security.org/dl/insecure/INSECURE-Mag-11.pdf).
_-Ramos-_
26.10.2007, 20:55
Addison-Wesley Professional.Honeypots- Tracking Hackers.pdf
Wiley.The Database Hacker's Handbook- Defending Database Servers.chm
John Wiley & Sons.Hacking GMail (ExtremeTech).pdf
Hacking.Guide.V3.1.pdf
A-List Publishing.Hacker Linux Uncovered.chm
Hacker'S.Delight.chm
Hacker.Bibel.[278.kB_www.netz.ru].pdf
HackerHighSchool.pdf
Hacker's Desk Reference.pdf
Hackers Beware Defending Your Network From The Wiley Hacker.pdf
Addison Wesley - Hackers Delight 2002.pdf
addison wesley - web hacking - attacks and defense.chm
Addison Wesley, The Outlook Answer Book Useful Tips Tricks And Hacks (2005) Bbl Lotb.chm
Anti-Hacker ToolKit - McGraw Hill 2E 2004.chm
Auerbach.Pub.The.Hackers.Handbook.The.Strategy.Beh ind.Breaking.into.and.Defending.Networks.Nov.2003. eBook-DDU.pdf
ceh-official-certified-ethical-hacker-review-guide-exam-312-50.9780782144376.27422.pdf
ebook.oreilly.-.windows.xp.hacks.sharereactor.chm
For.Dummies.Hacking.for.Dummies.Apr.2004.eBook-DDU.pdf
For.Dummies.Hacking.Wireless.Networks.For.Dummies. Sep.2005.eBook-DDU.pdf
Hack_Attacks_Revealed_A_Complete_Reference_With_Cu stom_Security_Hacking_Toolkit.chm
hacker-disassembling-uncovered.9781931769228.20035.chm
Hacking Cisco Routers.pdf
Hacking the Code - ASP.NET Web Application Security Cookbook (2004) .chm
John.Wiley.and.Sons.Hacking.Windows.XP.Jul.2004.eB ook.pdf
John.Wiley.and.Sons.The.Art.of.Intrusion.The.Real. Stories.Behind.the.Exploits.of.Hackers.Intruders.a nd.Deceivers.Feb.2005.ISBN0764569597.pdf
Jon.Erickson.Hacking.The.Art.Of.Exploitation.No.St arch.Press.2003.chm
Linux-Server.Hacks-OReilly.pdf
McGraw Hill - Web Applications (Hacking Exposed).pdf
McGraw.Hill.HackNotes.Linux.and.Unix.Security.Port able.Reference.eBook-DDU.pdf
McGraw.Hill.HackNotes.Network.Security.Portable.Re ference.eBook-DDU.pdf
McGraw.Hill.HackNotes.Web.Security.Portable.Refere nce.eBook-DDU.pdf
McGraw.Hill.HackNotes.Windows.Security.Portable.Re ference.eBook-DDU.pdf
OReilly - Flickr Hacks Tips and Tools for Sharing Photos Online (Feb 2006).chm
Oreilly Access Hacks Apr 2005.chm
OReilly,.Digital.Video.Hacks.(2005).DDU.LotB.chm
oreilly,.visual.studio.hacks.(2005).ddu.lotb.chm
Oreilly.Amazon.Hacks.eBook.LiB.chm
oreilly.firefox.hacks.ebook-lib.chm
OReilly.Google.Hacks.2nd.Edition.Dec.2004.ISBN0596 008570.chm
OReilly.Google.Maps.Hacks.Jan.2006.chm
Oreilly.Linux.Desktop.Hacks.Mar.2005.eBook-LiB.chm
OReilly.Linux.Server.Hacks.Volume.Two.Dec.2005.chm
OReilly.Network.Security.Hacks.chm
OReilly.PayPal.Hacks.Sep.2004.eBook-DDU.chm
OReilly.PC.Hacks.Oct.2004.eBook-DDU.chm
OReilly.Perl.Hacks.Tips.and.Tools.for.Programming. Debugging.and.Surviving.May.2006.chm
OReilly.Skype.Hacks.Tips.and.Tools.for.Cheap.Fun.I nnovative.Phone.Service.Dec.2005.chm
OReilly.Statistics.Hacks.May.2006.chm
OReilly.Ubuntu.Hacks.Tips.and.Tools.for.Exploring. Using.and.Tuning.Linux.Jun.2006.chm
OReilly.VoIP.Hacks.Tips.and.Tools.for.Internet.Tel ephony.Dec.2005.chm
oreilly.windows.xp.hacks.2nd.edition.feb.2005.lib. chm
OReilly.Word.Hacks.Oct.2004.eBook-DDU.chm
prentice hall - pipkin - halting the hacker- a practical guide to computer security, 2nd edition.chm
Que - UNIX Hints Hacks.chm
Que.Certified.Ethical.Hacker.Exam.Prep.Apr.2006.ch m
Syngress - Hack Proofing Linux (2001).pdf
Syngress - Hack Proofing Your Identity in the Information Age - 2002.pdf
Syngress -- Hack Proofing Your Wireless Network.pdf
Syngress.Hacking.a.Terror.Network.Nov.2004.ISBN192 8994989.pdf
the-database-hackers-handbook-defending-database-servers.9780764578014.25524.chm
Websters.New.World.Websters.New.World.Hacker.Dicti onary.Sep.2006.pdf
Wiley.Hacking.Firefox.More.Than.150.Hacks.Mods.and .Customizations.Jul.2005.eBook-DDU.pdf
Wiley.Hacking.Google.Maps.and.Google.Earth.Jul.200 6.pdf
Wiley.Hacking.GPS.Mar.2005.ISBN0764598805.pdf
Wiley.Lifehacker.Dec.2006.pdf
http://hackingandsecurity.com/hacks/
Behind the Scenes of Malicious Web Servers
In our recent KYE paper on malicious web servers, we identified several hundred malicious web servers. These servers launched so-called drive-by downloads that allowed them to gain complete control of the client machine without the consent or notice of the user, who merely visited the malicious web server with his (vulnerable) web browser. In our study, we analyzed a large number of web servers with our client honeypot Capture-HPC, which allowed us to assess whether a server was malicious, then inspect the exploit code that was sent to the client and the potential malware downloaded. However, many questions remained unanswered:
http://www.honeynet.org/papers/wek/KYE-Behind_the_Scenes_of_Malicious_Web_Servers.pdf
OR:
http://www.honeynet.org/papers/wek/KYE-Behind_the_Scenes_of_Malicious_Web_Servers.htm
ЛифчиС5СВ
23.11.2007, 14:39
Mark D. Spivey, CISSP - Practical hacking techniques and countermeasures
http://i008.radikal.ru/0711/4d/0a731beeb830.jpg
Released: 2007
By: Mark D. Spivey, CISSP
Genre: Hacking/Defence
Published by: Auerbach Publications
Format: PDF
Quality: eBook (initially PC-quality)
Quantity of pages: 752
Language: English
Description: Recommended for network administrators.
Contents:
Preparation
Banner Identification
Target Enumeration
Scanning
Sniffing Traffic
Spoofing
Brute Force
Vulnerability Scanning
Wireless
Redirection
Denial-of-Service (DoS)
Appendix A: References
Appendix B: Tool Syntax
Index
--------------------------
Size: 72 MB
Download:
http://v3n.0x7.net/books/ENG/hacking/practical_hacking_techniques_and_countermeasures.r ar
or from Deposit
http://depositfiles.com/files/2270756
Contents
1 Introduction
2 Attack vectors
2.1 Directly from user mode
2.2 Public APIs
2.3 Undocumented APIs
2.4 Architectural flaws
2.5 Bugs and their exploitation
2.6 Subverting operating system initialization
2.7 Modifying kernel modules on disk
2.8 Hardware
3 Tools for the job
3.1 Static analysis
3.2 Dynamic analysis
4 Defensive measures
5 Further work
5.1 Fuzzing
5.2 Automated bug finding
5.3 Virtualization
6 Conclusion
7 References
Appendices
A NT kernel architecture
A.1 Terminology
A.2 Hardware based protection
A.3 Operating system memory layout and management
A.4 Public kernel interfaces
B CDFS driver disassembly
C Real world examples
4.1 The NT kernel compression library
4.2 Unvalidated structure initialization
4.3 An architectural flaw
4.4 Trusting user input
An NGSSoftware Insight Security Research (NISR) Publication
©2007 Next Generation Security Software Ltd
Download:
http://rapidshare.com/files/75646723/Attacking_the__Windows_Kernel.pdf.html
http://www.wordware.com/Merchant2/graphics/00000001/1-59822-033-0-001.jpg
Publisher: Wordware Publishing, Inc. | 2007-11-25 | ISBN 1598220330 | Pages: 616 | PDF | 3.4 MB
Advanced JavaScript 3rd Edition is an in-depth examination of the most important features of JavaScript. The book assumes readers have a basic understanding of web development, but includes a review of JavaScript fundamentals in Chapters 1 through 3. This book gives the reader a comprehensive look at the fundamentals of JavaScript by examining objects, arrays, date and time functions, math, and all the essentials that are needed for complex yet robust JavaScript scripts. Topics are thoroughly examined with several complete examples.
Download:
http://rapidshare.com/files/76375488/Advanced_JavaScript.rar.html
This unique hacker report is NOT available in any bookstore. And you’ll find nothing similar. Easy to understand with many examples. Every day you hear in the daily news about hackers, viruses, worms and trojans, SUB7, TCP, IP, PING, spoofing, sniffing, DDOS attacks, …? And you don’t know exactly what it is and how hackers do that. Don’t rest a “lamer”, Hacker’s Blackbook lets you know and discovers many secrets.
Incredible how easy hacking and cracking is! The book shows how simple you can use these programs. Scary? Sure, you must be careful. The ONLINE READERS AREA and the CD-ROM helps and provides “clean” files.
Tip: Never download files from sites you don’t know. Hiding adware, spyware and trojans in free download files is actually a big problem.
- Trick of the internet gurus.
- Hackers survival guide
- Hacking for dummies 2
- Hacking into computer systems
- Maximum security - A hacker's guide
http://pixhost.eu/avaxhome/share/img/2006_06_1/blackbook_1.jpg
Download:
http://rapidshare.com/files/76376155/Hackers_Black_Book.rar.html
Electronic Crime Scene Investigation: A Guide for First Responders, Second Edition
This Guide can be found here:
http://www.ncjrs.gov/pdffiles1/nij/219941.pdf
A Low-cost Attack on a Microsoft CAPTCHA
1. Introduction
A CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans
Apart) is a program that generates and grades tests that are human solvable, but intends to be
beyond the capabilities of current computer programs [1]. This technology is now almost a
standard security mechanism for defending against undesirable or malicious Internet bot
programs, such as those spreading junk emails and those grabbing thousands of free email
accounts instantly. It has found widespread application on numerous commercial web sites
including Google, Yahoo, and Microsoft’s MSN.
The most widely used CAPTCHAs are the so-called text-based schemes, which rely on
sophisticated distortion of text images aimed at rendering them unrecognisable to the state of
the art of pattern recognition programs. The popularity of such schemes is due to the fact that
they have many advantages [4], for example, being intuitive to users world-wide (the user
task performed being just character recognition), having little localization issues (people in
different countries all recognise Roman characters), and of good potential to provide strong
security (e.g. the space a brute force attack has to search can be huge, if the scheme is
properly designed).
A good CAPTCHA must be not only human friendly, but also robust enough to resist to
computer programs that attackers write to automatically pass CAPTCHA tests (or challenges).
Early research suggested that computers are very good at recognising single characters, even
if these characters are highly distorted [6]. Table 1 shows characters under typical distortions,.
And this one can be found here:
http://homepages.cs.ncl.ac.uk/jeff.yan/msn_draft.pdf
DaemonAkaDevil
17.06.2008, 11:17
Here are also some good sources of ebooks:
h__p://w*w.b213.net/index.php?num=0
h__p://flazx.com
h__p://freebooksource.com/
Extended HTML Form Attack
Summary of the attack
A new Cross Site Scripting attack which affects (at least) major browsers Internet Explorer and Opera. This one makes use of forms targeted at non-HTTP services. This paper covers the following points:
- A short description of the original HTML Form Attack paper
- An introduction to Cross site scripting
- Displaying HTML content from non-HTML supporting services (echo, smtp etc)
- How attackers can exploit this issue - finding vulnerable servers
- Solutions to the problem described.
Download Paper:
http://eyeonsecurity.org/papers/extendedform.pdf
Microsoft SQL Server Black Book: The Database Designer’s and Administrator’s Essential Guide to Setting Up Efficient Client-Server Tasks with SQL Server
http://i.biblio.com/z/490/101/9781576101490.jpg
Download:
http://rapidshare.com/files/130431689/Microsoft_SQL_Server_Black_Book.rar
Lateral SQL Injection:A New Class of Vulnerability in Oracle
Essentially the paper details a way in which the attacker can manipulate the
environment to trick an Oracle database into using arbitrary SQL in DATE
functions and data.
The paper can be found here:
http://www.databasesecurity.com/dbsec/lateral-sql-injection.pdf
Software Distribution Malware Infection Vector
This paper presents an efficient mechanism as well as the corresponding reference implementation for on-the-fly infecting of executable code with malicious software. Their algorithm deploys virus infection routines and network redirection attacks, without requiring the modification of the application itself. This allows infection of executables with an embedded signature when the signature is not automatically verified before execution. They briefly discuss countermeasures such as secure channels, code authentication as well as trusted virtualization that enables the isolation of untrusted downloads from other applications running in trusted domains or compartments.
Paper:
http://packetstormsecurity.org/papers/general/Software.Distribution.Malware.Infection.Vector.pdf
Reverse Engineering: Anti-Cracking Techniques
Many antivirus and antispyware solutions identify malicious programs by looking for known unique signatures contained inside them. Those signatures are stored inside a database which is constantly updated. This tutorial guides you through a number of steps to encrypt the executable file code section in order to render antivirus signature checking techniques ineffective against identifying the malicious code.
Download:
http://packetstormsecurity.org/papers/general/Reverse_Engineering_Smashing_the_Signature.pdf
http://bp1.blogger.com/_vQtnu8qGeFQ/R-h-1FKrQAI/AAAAAAAAAEY/XGjFDHvltFI/s320/most-wanted-hacking-book.jpg
Download:
1
http://rapidshare.com/files/101501973/44.Hacking.Books.vol-1.rar
2
http://rapidshare.com/files/101502026/44.Hacking.Books.vol-2.rar
44 hacking books
ASLR bypassing method on 2.6.17/20 Linux Kernel
No-executable stack space bypassing method on Linux
Paper:
http://packetstormsecurity.org/papers/bypass/aslr-bypass.txt
http://img186.imageshack.us/img186/2520/14734652ri2.th.jpg (http://img186.imageshack.us/my.php?image=14734652ri2.jpg)
Download:
http://www.disenchant.ch/blog/wp-content/uploads/2008/05/xss_presentation.pdf
SQL Smuggling
This paper will present a new class of attack, called SQL Smuggling. SQL Smuggling is a sub-class of SQL Injection attacks that rely on differences between contextual interpretation performed by the application platform and the database server. While numerous instances of SQL Smuggling are commonly known, it has yet to be examined as a discrete class of attacks, with a common root cause. The root cause in fact has not yet been thoroughly investigated; this research is a result of a new smuggling technique, presented in this paper. It is fair to assume that further study of this commonality will likely lead to additional findings in this area.
Download:
http://packetstormsecurity.org/papers/database/SQL_Smuggling.pdf
Web 2.0 Attacks Revealed
Cert/CC Statistics shows that 7120 Software Vulnerabilities were
Reported in 2006
· 194 SQL Injection Vulnerabilities were found on BugTraq
between 2005-jan and 2005-June
· Symantec highlights in its most recent Internet Security Threat
Report that Web vulnerabilities constituted 69 percent of 2,249
new vulnerabilities identified for the first half of 2006, with 78
percent of "easily exploitable" vulnerabilities residing within Web
applications.
· Directory Traversal is the 2nd most common attack on the
internet as of the 2nd half of 2005
· Roughly 63% of the Web application vulnerabilities can be
accounted for by 4 vulnerability classes: file inclusion, SQL
injection, cross-site scripting, and directory traversal
http://www.infosecwriters.com/text_resources/pdf/KMaraju_Web20-Attacks-Revealed.pdf
Assault on Oracle PL/SQL - Injection
by Aelphaeis Mangarae from blackhat-forums
Table of Contents
Introduction
A Glance at Oracle APEX
-What is Oracle APEX?
-Architecture of Oracle APEX
-mod_plsql / XML DB HTTP
Oracle Database Permissions
-Invoker vs. Definer Rights
What Is SQL Injection?
-Introduction
-What Programming Languages are Vulnerable?
-Example: SQL Injection Exploitation
-SQL Injection Oracle vs. Other DBMS
PL/SQL Overview
-Introduction
-PL/SQL Data Types
-Procedures, Functions & Packages
-Executing Database Commands
-PL/SQL Triggers
-PL/SQL Cursors
PL/SQL Injection
-What is PL/SQL Injection?
-Injecting into a SELECT Query
-Injecting into DML
-Database Privilege Escalation
-Technique: Autonomous Transaction.
Download:
Paper (http://www.astalavista.com/media/directory/uploads/2fbe856e405e45e9fd4399c7148e1164.pdf)
Best of Penetration Testing Tools
Larry, John, and Paul will explore the "Best Of" security tools. Part I will cover the best of network penetration testing tools. Six tools in total will be discussed, including a tip, trick, and/or use case for each one! Come learn about Nmap's IPv6 scanning, Cain & Abel's VoIP functionality, and much more!
1) Nmap - Worlds Best Port Scanner
2) Nessus - Vulnerability Scanner
3) Metasploit - Exploit framework
4) Pass-The-Hash - Who needs passwords?
5) Hydra - Brute force password guessing
6) Cain & Abel - The ultimate MITM utility
7) Spotlight - Core IMPACT.
http://pauldotcom.com/TriplePlay-NetworkPenTestingTools.pdf
Automatic creation of SQL injection and cross-site scripting attacks
This paper presents an automatic technique for creating inputs that expose SQLI and XSS vulnerabilities. The technique generates sample inputs, symbolically tracks taints through execution (including through database accesses), and mutates the inputs to produce concrete exploits. Ours is the first analysis of which we are aware that precisely addresses second-order XSS attacks.
Our technique creates real attack vectors, has few false positives, incurs no runtime overhead for the deployed application, works without requiring modification of application code, and handles dynamic programming-language constructs. We implemented the technique for PHP, in a tool Ardilla. We evaluated Ardilla on five PHP applications and found 68 previously unknown vulnerabilities (23 SQLI, 33 first-order XSS, and 12 second-order XSS).
Download PDF
http://www.cs.washington.edu/homes/mernst/pubs/create-attacks-tr054-abstract.html
Cross-Site History Manipulation (XSHM) attack
Hackers used to concentrate on Server-Side attacks on Web applications like Injections, Parameter Manipulations, Path traversal etc. In recent years we have seen a steady rise in Client-Side attacks: XSS, CSRF, JSON hijacking. These vulnerabilities exploit the trust shared between a user and a website, facilitated by Web Browsers, by circumventing the Same Origin Policy (SOP).
Download:PDF (http://www.checkmarx.com/Upload/Documents/PDF/XSHM%20Cross%20site%20history%20manipulation.pdf)