SQL Injection Links, Cheat Sheets and Tools

An SQL injection is an attack in which malicious code is embedded in a poorly-designed application and then passed to the backend database. The malicious data then produces database query results or actions that should never have been executed. Below are links to SQL Injection Cheat Sheets and Tools to play with in your virtual […]

Read More

Cheat Sheet for Metasploit

Need a quick handy reference guide for Metasploit? Jack Rhysider put together a bunch of the most common commands in a cheat sheet style for quick reference.

Read More

SQL Injection Links and Cheat Sheets

Oracle Injection:  http://www.sqlinjectionwiki.com/Categories/3/oracle-sql-injection-cheat-sheet/ MySQL Injection:  http://www.sqlinjectionwiki.com/Categories/2/mysql-sql-injection-cheat-sheet/ http://www.securiteam.com/securityreviews/5DP0N1P76E.html http://attack.samsclass.info/sqlol-raw/search-raw.htm https://www.netsparker.com/blog/web-security/sql-injection-cheat-sheet/  

Read More

What is Wireshark?

Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education. How to use Wireshark to inspect packets and isolate network and system problems [pdf] Wireshark Display Filters via Packetlife [pdf]

Read More

What is tcpdump?

tcpdump is a common packet analyzer that runs under the command line. It allows the user to display TCP/IP and other packets being transmitted or received over a network to which the computer is attached. Distributed under the BSD license, tcpdump is free software. Tcpdump works on most Unix-like operating systems: Linux, Solaris, BSD, OS […]

Read More

Analyzing Malicious Document Files

PDF download: analyzing-malicious-document-files Authored by Lenny Zeltser with feedback and contributions from Pedro Bueno, Frank Boldewin, an dDidier Stevens. Creative Commons v3 “Contribution” license for this cheat sheet version 2.  This and other malware analysis topics are covered in Lenny’s Reverse-Engineering Malware(REM) course, which he teachesat SANS Institute—for details visit LearnREM.com

Read More

How to respond to a network distributed denial‐of‐service (DDoS) incident

How to respond to a network distributed denial‐of‐service (DDoS) incident. General Considerations DDoS attacks often take the form of flooding the network with unwanted traffic; some attacks focus on overwhelming resources of a specific system. It will be very difficult to defend against the attack without specialized equipment or your ISP’s help. Often, too many […]

Read More