Government Security
Network Security Resources

Jump to content

Blogs



Featured
Photo

Finding Php Shell Scripts In Your Website

Posted by Stephen in GSO, in Web Security 17 July 2014 - - - - - - · 449 views
security, linux, cyber security and 7 more...

PHP vulnerabilities are the norm, there is not much that can be done to prevent uploads of malicious files on a PHP site when there are world writable directories especially when your website is using a well known opensource community driven software product to power your website. PHP shell code can usually be found in many websites around the web especia...

Featured
Photo

Project Phoenix

Posted by Stephen in GSO News & Announcements, 17 July 2014 - - - - - - · 478 views

Project Phoenix is the resurrection of GovernmentSecurity.org, a lot has been going on here over the last year and a half. The hired help has completed transferring the important articles from Joomla into the new site and the rest was blown away. I am going to give a quick overview of the changes that have happened but each change will be covered in detai...

Featured
Photo

DEF CON 22 – Are You Ready?

  Posted by Stephen in Security Through Education, 30 June 2014 - - - - - - · 275 views

Are you ready for blistering 115-degree heat, the never-ending press of black t-shirts, and fast-talking social engineers? Then you, my friend, are ready for DEF CON 22!
Social-Engineer.Org have so much goodness to tell you about. First, let’s start with the Social Engineering Village . This will be our second year at running SE fun and activities non-st...

Featured
Photo

More Details about Security Advisory 2963983 IE 0day

  Posted by Stephen in Security Research & Defense, 26 April 2014 - - - - - - · 353 views

Today we released Security Advisory 2963983 regarding a potential vulnerability in Internet Explorer reported by FireEye and currently under investigation.
We are working closely with FireEye to investigate this report of a vulnerability which was found used in very limited targeted attack:
- the vulnerability is a “use-after-free” memory corruption...

Featured
Photo

Binary analysis: Concolic execution with Pin and z3

  Posted by Stephen in Shell-Storm, 28 August 2013 - - - - - - · 308 views

In a previous post, I talked about the concolic execution using Valgrind to the taint analysis and z3 to the constraint path solving. So why another blog post about this technique? Because recently my previous researchs was around Pin and because Pin is supported on Linux, Windows and Mac. I also wanted to see how it's possible to do it without IR - With...

Photo

DerbyCon 4.0 & Social-Engineer

  Posted by Stephen in Security Through Education, 16 September 2014 - - - - - - · 10 views

<p>Social-Engineer is on the road again! This time you’ll see our friendly faces popping up in Louisville, KY at <a rel="nofollow" target="_blank" href="https://www.derbycon.com ">DerbyCon, 24-28 September</a>. In true SEORG style, we’ll be hitting the ground at 150 mph leaving secret decoder rings and lock picks in our w...

Photo

Assessing risk for the September 2014 security updates

  Posted by Stephen in Security Research & Defense, 09 September 2014 - - - - - - · 32 views

<p></p>
<p></p>
<p></p>
<p></p>
<p></p>
<p>Today we released four security bulletins addressing 42 unique CVE&rsquo;s. One bulletin has a maximum severity rating of Critical and the other three have maximum severity Important. This table is designed to he...

Photo

SCAF - Source Code Analysis Framework based on Clang - Pre-alpha preview

  Posted by Stephen in Shell-Storm, 25 August 2014 - - - - - - · 47 views

We recently began to work on source code analysis and the main objective was to easily collaborate on a same analysis. So, we started to develop a framework based on Clang that will be described in this blog post.

<a href="http://blog.quarkslab.com/scaf-source-code-analysis-framework-based-on-clang-pre-alpha-preview.html " class='bbc_url'...

Photo

Secure Website With Writable 777 Directories

Posted by Stephen in GSO, 17 July 2014 - - - - - - · 130 views
security, linux, server and 7 more...

Content management, forum and other website software often require directories that are writeable in order to function properly. Many companies jump to using suexec or suPHP instead of the 777 method, but there is a more secure method of hosting your website. Did you know that suexec and suPHP essentially gives the web server user full write ability to al...

Photo

Updated Community Rules

Posted by Stephen in GSO News & Announcements, 17 July 2014 - - - - - - · 90 views

The community rules have been updated, be sure to read them before interacting with the community.

http://www.governmen...ommunity-rules/



Kind Regards,

http://www.governmen...es/gso-logo.png



  • 8 Total Blogs
  • 70 Total Entries
  • 0 Total Comments
  • Shell-Storm Latest Blog
  • Stephen Latest Blogger

user(s) are online (in the past 30 minutes)

members, guests, anonymous users