Leaderboard

Capture the Flag Challenges posted in CTF Challenges on November 12, 2016 by Raj Chandel Hack the Jarbas: 1 (CTF Challenge) OverTheWire – Bandit Walkthrough (14-21) Hack the Temple of Doom (CTF Challenge) Hack the Golden Eye:1 (CTF Challenge) Hack the FourAndSix (CTF Challenge) Hack the Blacklight: 1 (CTF Challenge) Hack the Basic Pentesting:2 VM (CTF Challenge) Hack the Billu Box2 VM (Boot to Root) Hack the Lin.Security VM (Boot to Root) Hack The Toppo:1 VM (CTF Challenge) Hack the Box Challenge: Ariekei Walkthrough Hack the Violator (CTF Challenge) OverTheWire – Bandit Walkthrough (1-14) Hack the Teuchter VM (CTF Challenge) Hack the Box Challenge: Enterprises Walkthrough Hack the Box Challenge: Falafel Walkthrough Hack the Box Challenge: Charon Walkthrough Hack the PinkyPalace VM (CTF Challenge) Hack the Box Challenge: Jail Walkthrough Hack the Box Challenge: Nibble Walkthrough Hack The Blackmarket VM (CTF Challenge) Hack the Box: October Walkthrough Hack The Box : Nineveh Walkthrough Hack The Gemini Inc (CTF Challenge) Hack The Vulnhub Pentester Lab: S2-052 Hack the Box Challenge: Sneaky Walkthrough Hack the Box Challenge: Chatterbox Walkthrough Hack the Box Challenge: Crimestoppers Walkthrough Hack the Box Challenge: Jeeves Walkthrough Hack the Trollcave VM (Boot to Root) Hack the Box Challenge: Fluxcapacitor Walkthrough Hack the Box Challenge: Tally Walkthrough Hack the Box Challenge: Inception Walkthrough Hack the Box Challenge Bashed Walkthrough Hack the Box Challenge Kotarak Walkthrough Hack the Box Challenge Lazy Walkthrough Hack the Box Challenge: Optimum Walkthrough Hack the Box Challenge: Brainfuck Walkthrough Hack the Box Challenge: Europa Walkthrough Hack the Box Challenge: Calamity Walkthrough Hack the Box Challenge: Shrek Walkthrough Hack the Box Challenge: Bank Walkthrough Hack the BSides Vancouver:2018 VM (Boot2Root Challenge) Hack the Box Challenge: Mantis Walkthrough Hack the Box Challenge: Shocker Walkthrough Hack the Box Challenge: Devel Walkthrough Hack the Box Challenge: Granny Walkthrough Hack the Box Challenge: Node Walkthrough Hack the Box Challenge: Haircut Walkthrough Hack the Box Challenge: Arctic Walkthrough Hack the Box Challenge: Tenten Walkthrough Hack the Box Challenge: Joker Walkthrough Hack the Box Challenge: Popcorn Walkthrough Hack the Box Challenge: Cronos Walkthrough Hack the Box Challenge: Beep Walkthrough Hack the Bob: 1.0.1 VM (CTF Challenge) Hack the Box Challenge: Legacy Walkthrough Hack the Box Challenge: Sense Walkthrough Hack the Box Challenge: Solid State Walkthrough Hack the Box Challenge: Apocalyst Walkthrough Hack the Box Challenge: Mirai Walkthrough Hack the Box Challenge: Grandpa Walkthrough Hack the Box Challenge: Blue Walkthrough Hack the Box Challenge: Lame Walkthrough Hack the Box Challenge: Blocky Walkthrough Hack the W1R3S.inc VM (CTF Challenge) Hack the Vulnupload VM (CTF Challenge) Hack the DerpNStink VM (CTF Challenge) Hack the Game of Thrones VM (CTF Challenge) Hack the C0m80 VM (Boot2root Challenge) Hack the Bsides London VM 2017(Boot2Root) Hack the USV: 2017 (CTF Challenge) Hack the Cyberry: 1 VM( Boot2Root Challenge) Hack the Basic Penetration VM (Boot2Root Challenge) Hack The Ether: EvilScience VM (CTF Challenge) Hack the Depth VM (CTF Challenge) Hack the G0rmint VM (CTF Challenge) Hack the Covfefe VM (CTF Challenge) Hack the Born2Root VM (CTF Challenge) Hack the dina VM (CTF Challenge) Hack the H.A.S.T.E. VM Challenge Hack the RickdiculouslyEasy VM (CTF Challenge) Hack the BTRSys1 VM (Boot2Root Challenge) Hack the BTRSys: v2.1 VM (Boot2Root Challenge) Hack the Bulldog VM (Boot2Root Challenge) Hack the Lazysysadmin VM (CTF Challenge) Hack the Zico2 VM (CTF Challenge) Hack the Primer VM (CTF Challenge) Hack the thewall VM (CTF Challenge) Hack the IMF VM (CTF Challenge) Hack the 6days VM (CTF Challenge) Hack the 64base VM (CTF Challenge) Hack the EW Skuzzy VM (CTF Challenge) Hack the Analougepond VM (CTF Challenge) Hack the Moria: 1.1 (CTF Challenge) Hack the DonkeyDocker (CTF Challenge) Hack the d0not5top VM (CTF Challenge) Hack the Super Mario (CTF Challenge) Hack the Defense Space VM (CTF Challenge) Hack the billu: b0x VM (Boot2root Challenge) Hack the Orcus VM CTF Challenge Hack the Nightmare VM (CTF Challenge) Hack the Bot challenge: Dexter (Boot2Root Challenge) Hack the Fartknocker VM (CTF Challenge) Hack the Pluck VM (CTF Challenge) Hack the Sedna VM (CTF Challenge) Hack the Quaoar VM (CTF Challenge) Hack the Gibson VM (CTF Challenge) Hack the Pipe VM (CTF Challenge) Hack the USV VM (CTF Challenge) Hack the Pentester Lab: from SQL injection to Shell II (Blind SQL Injection) Hack the Pentester Lab: from SQL injection to Shell VM Hack the Padding Oracle Lab Hack the Fortress VM (CTF Challenge) Hack the Zorz VM (CTF Challenge) Hack the Freshly VM (CTF Challenge) Hack the Hackday Albania VM (CTF Challenge) Hack the Necromancer VM (CTF Challenge) Hack the Billy Madison VM (CTF Challenge) Hack the Seattle VM (CTF Challenge) Hack the SkyDog Con CTF 2016 – Catch Me If You Can VM Hack Acid Reloaded VM (CTF Challenge) Hack the Breach 2.1 VM (CTF Challenge) Hack the Lord of the Root VM (CTF Challenge) Hack the Acid VM (CTF Challenge) Hack the SpyderSec VM (CTF Challenge) Hack the VulOS 2.0 VM (CTF Challenge) Hack the SickOS 1.1 VM (CTF Challenge) Hack the Fristileaks VM (CTF Challenge) Hack the NullByte VM (CTF Challenge) Hack the Minotaur VM (CTF Challenge) Hack the TommyBoy VM (CTF Challenge) Hack the Breach 1.0 VM (CTF Challenge) Hack the SkyDog VM (CTF Challenge) Hack the Milnet VM (CTF Challenge) Hack the Kevgir VM (CTF Challenge) Hack the Simple VM (CTF Challenge) Hack the SickOS 1.2 VM (CTF Challenge) Hack the Sidney VM (CTF Challenge) Hack the Stapler VM (CTF Challenge) Hack the Droopy VM (CTF Challenge) Hack the Mr. Robot VM (CTF Challenge) Penetration Testing in PwnLab (CTF Challenge) Hack the Skytower (CTF Challenge) Hack the Kioptrix 5 (CTF Challenge) Hack The Kioptrix Level-1.3 (Boot2Root Challenge) Hack the Kioptrix Level-1.2 (Boot2Root Challenge) Hack The Kioptrix Level-1.1 (Boot2Root Challenge) Hack The Kioptrix Level-1 Hack the Troll-1 VM (Boot to Root) Hack the Hackademic-RTB1 VM (Boot to Root) Hack the De-ICE: S1.120 VM (Boot to Root) Hack the pWnOS: 2.0 (Boot 2 Root Challenge) Hack the pWnOS-1.0 (Boot To Root) Sursa: http://www.hackingarticles.in/capture-flag-challenges/

Din C#/Powershell se poate face orice se poate face si in C/C++, iar unele lucruri se pot face mai rapid. Cred ca de-asta se agita lumea cand e vorba de asa ceva, ca e mai putin code de scris, insa nu e nimic special. Nu m-am lovit mai de nimic deoarece nu am lucrat prea mult cu C# si .NET, insa poate sa faca multe. Ah, da, sigur, cu sanse mai sa fie "undetectable".

George Hotz, comma.ai Forget reversible debugging, why is it that the concept of time exists in debugging at all? Viewing execution as a timeless trace, the open source tool QIRA(qira.me) attempts to move debugging into a new paradigm. Battle tested in CTFs, I will be presenting the tool and showing off a 10x speedup in exploit development cycle. Sign up to find out more about Enigma conferences: https://www.usenix.org/conference/eni... Watch all Enigma 2016 videos at: http://enigma.usenix.org/youtube

Awesome Crypto Papers A curated list of cryptography papers, articles, tutorials and howtos for non-cryptographers. Notes The goal of this list is to provide educational reading material for different levels of cryptographic knowledge. I started it because my day job onboarding engineers at Cossack Labs includes educating them in cryptographic matters and giving advise what to read on specific topics, and that involves finding the same materials repeatedly. Hopefully, it will be useful for someone else as well. It is aimed at people who are using cryptography in higher-level security systems to implement database encryption, secure sharing, end-to-end encryption in various schemes, and should understand how it works, how it fails and how it is attacked. It is not a list of notable / important / historically important papers (although many of them are here). It is not aimed at academics (who have better grasp of what they need anyway), nor it is aimed for systematic study of wanna-be cryptographers (who better follow structured approach under professional guidance). It will be extended gradually as I find something of "must-have" value. Pull requests are very welcome. Contents Introducing people to data security and cryptography Simple: cryptography for non-engineers Brief engineer-oriented introductions Specific topics Hashing - important bits on modern and classic hashes. Secret key cryptography - all things symmetric encryption. Cryptoanalysis - attacking cryptosystems. Public key cryptography: General and DLP - RSA, DH and other classic techniques. Public key cryptography: Elliptic-curve crypto - ECC, with focus on pratcial cryptosystems. Zero Knowledge Proofs - Proofs of knowledge and other non-revealing cryptosystems. Math - useful math materials in cryptographic context. Post-quantum cryptography - Cryptography in post-quantum period. Books Lectures and educational courses Online crypto challenges The list Introducing people to data security and cryptography Simple: cryptography for non-engineers Nuts and Bolts of Encryption: A Primer for Policymakers. Keys under Doormats - Or why cryptography shouldn't be backdoored, by a all-star committee of crypto researches from around the world. Brief introductions An Overview of Cryptography - By Gary C. Kessler. Using Encryption for Authentication in Large Networks - By Needham, Schroeder: this is were crypto-based auth starts. Communication Theory of Secrecy Systems - Fundamental cryptography paper by Claude Shannon. General cryptographic interest Another Look at “Provable Security” - Inquiries into formalism and naive intuition behind security proofs, by Neal Koblitz et al. The security impact of a new cryptographic library - Introducory paper on NaCl, discussing important aspects of implementing cryptography and using it as a larger building block in security systems, by Daniel J. Bernstein, Tanja Lange, Peter Schwabe. Specific topics Hashing FIPS 198-1: HMACs - The Keyed-Hash Message Authentication Code FIPS document. FIPS 202: SHA3 - SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions. Birthday problem - The best simple explanation of math behind birthday attack. On the Security of HMAC and NMAC Based on HAVAL, MD4, MD5, SHA-0 and SHA-1 - Security analysis of different legacy HMAC schemes by Jongsung Kim et al. On the Security of Randomized CBC-MAC Beyond the Birthday Paradox Limit - Security of randomized CBC-MACs and a new construction that resists birthday paradox attacks and provably reaches full security, by E. Jaulmes et al. Secret key cryptography FIPS 197 - AES FIPS document. List of proposed operation modes of AES - Maintained by NIST. Recomendation for Block Cipher modes of operation: Methods and Techniques. Stick figure guide to AES - If stuff above was a bit hard or you're looking for a good laugh. Cache timing attacks on AES - Example of designing great practical attack on cipher implementation, by Daniel J. Bernstein. Cache Attacks and Countermeasures: the Case of AES - Side channel attacks on AES, another view, by Dag Arne Osvik, Adi Shamir and Eran Tromer. Salsa20 family of stream ciphers - Broad explanation of Salsa20 security cipher by Daniel J. Bernstein. New Features of Latin Dances: Analysis of Salsa, ChaCha, and Rumba - Analysis of Salsa20 family of ciphers, by Jean-Philippe Aumasson et al. ChaCha20-Poly1305 Cipher Suites for Transport Layer Security (TLS) - IETF Draft of ciphersuite family, by Adam Langley et al. AES submission document on Rijndael - Original Rijndael proposal by Joan Daemen and Vincent Rijmen. Ongoing Research Areas in Symmetric Cryptography - Overview of ongoing research in secret key crypto and hashes by ECRYPT Network of Excellence in Cryptology. The Galois/Counter Mode of Operation (GCM) - Original paper introducing GCM, by by David A. McGrew and John Viega. The Security and Performance of the Galois/Counter Mode (GCM) of Operation - Design, analysis and security of GCM, and, more specifically, AES GCM mode, by David A. McGrew and John Viega. Cryptoanalysis Differential Cryptanalysis of Salsa20/8 - A great example of stream cipher cryptoanalysis, by Yukiyasu Tsunoo et al. Slide Attacks on a Class of Hash Functions - Applying slide attacks (typical cryptoanalysis technique for block ciphers) to hash functions, M. Gorski et al. Self-Study Course in Block Cipher Cryptanalysis - Attempt to organize the existing literature of block-cipher cryptanalysis in a way that students can use to learn cryptanalytic techniques and ways to break new algorithms, by Bruce Schneier. Statistical Cryptanalysis of Block Ciphers - By Pascal Junod. Cryptoanalysis of block ciphers and protocols - By Elad Pinhas Barkan. Public key cryptography: General and DLP New Directions in Cryptography - Seminal paper by Diffie and Hellman, introducing public key cryptography and key exchange/agreement protocol. RFC 2631: Diffie-Hellman Key Agreement - An explanation of the Diffie-Hellman methon in more engineering terms. A Method for Obtaining Digital Signatures and Public-Key Cryptosystems - Original paper introducing RSA algorithm. RSA Algorithm - Rather education explanation of every bit behind RSA. Secure Communications Over Insecure Channels - Paper by R. Merkle, predated "New directions in cryptography" though it was published after it. The Diffie-Hellman key exchange is an implementation of such a Merkle system. On the Security of Public Key Protocols - Dolev-Yao model is a formal model, used to prove properties of interactive cryptographic protocols. How to Share a Secret - A safe method for sharing secrets. Twenty Years of Attacks on the RSA Cryptosystem - Great inquiry into attacking RSA and it's internals, by Dan Boneh. Remote timing attacks are practical - An example in attacking practical crypto implementationby D. Boneh, D. Brumley. The Equivalence Between the DHP and DLP for Elliptic Curves Used in Practical Applications, Revisited - by K. Bentahar. Public key cryptography: Elliptic-curve crypto Elliptic Curve cryptography: A gentle introduction. Explain me like I'm 5: How digital signatures actually work - EdDSA explained with ease and elegance. Elliptic Curve Cryptography: finite fields and discrete logarithms. Detailed Elliptic Curve cryptography tutorial. Elliptic Curve Cryptography: ECDH and ECDSA. Elliptic Curve Cryptography: breaking security and a comparison with RSA. Elliptic Curve Cryptography: the serpentine course of a paradigm shift - Historic inquiry into development of ECC and it's adoption. Let's construct an elliptic curve: Introducing Crackpot2065 - Fine example of building up ECC from scratch. Explicit-Formulas Database - For many elliptic curve representation forms. Curve25519: new Diffie-Hellman speed records - Paper on Curve25519. Software implementation of the NIST elliptic curves over prime fields - Pracitcal example of implementing elliptic curve crypto, by M. Brown et al. High-speed high-security signatures - Seminal paper on EdDSA signatures on ed25519 curve by Daniel J. Bernstein et al. Zero Knowledge Proofs Proofs of knowledge - A pair of papers which investigate the notions of proof of knowledge and proof of computational ability, M. Bellare and O. Goldreich. How to construct zero-knowledge proof systems for NP - Classic paper by Goldreich, Micali and Wigderson. Proofs that yield nothing but their validity and a Methodology of Cryptographic protocol design - By Goldreich, Micali and Wigderson, a relative to the above. A Survey of Noninteractive Zero Knowledge Proof System and Its Applications. How to Prove a Theorem So No One Else Can Claim It - By Manuel Blum. Information Theoretic Reductions among Disclosure Problems - Brassau et al. Knowledge complexity of interactive proof systems - By GoldWasser, Micali and Rackoff. Defining computational complexity of "knowledge" within zero knowledge proofs. A Survey of Zero-Knowledge Proofs with Applications to Cryptography - Great intro on original ZKP protocols. Zero Knowledge Protocols and Small Systems - A good intro into Zero knowledge protocols. Key Management Recommendation for Key Management – Part 1: General - Methodologically very relevant document on goals and procedures of key management. Math PRIMES is in P - Unconditional deterministic polynomial-time algorithm that determines whether an input number is prime or composite. Post-quantum cryptography Post-quantum cryptography - dealing with the fallout of physics success - Brief observation of mathematical tasks that can be used to build cryptosystems secure against attacks by post-quantum computers. Post-quantum cryptography - Introduction to post-quantum cryptography. Post-quantum RSA - Daniel Bernshtein's insight how to save RSA in post-quantum period. Books That seems somewhat out of scope, isn't it? But these are books only fully available online for free. Read them as a sequence of papers if you will. A Graduate Course in Applied Cryptography - By Dan Boneh and Victor Shoup. A well-balanced introductory course into cryptography, a bit of cryptoanalysis and cryptography-related security. Analysis and design of cryptographic hash functions, MAC algorithms and block ciphers - Broad overview of design and cryptoanalysis of various ciphers and hash functions, by Bart Van Rompay. CrypTool book - Predominantly mathematically oriented information on learning, using and experimenting cryptographic procedures. Handbook of Applied Cryptography - By Alfred J. Menezes, Paul C. van Oorschot and Scott A. Vanstone. Good classical introduction into cryptography and ciphers. The joy of Cryptography - By Mike Rosulek. A lot of basic stuff covered really well. No ECC. A Computational Introduction to Number Theory and Algebra - By Victor Shoup, excellent starters book on math universally used in cryptography. Lectures and educational courses Understanding cryptography: A textbook for Students and Practitioners - Textbook, great lectures and problems to solve. Crypto101 - Crypto 101 is an introductory course on cryptography, freely available for programmers of all ages and skill levels. A Course in Cryptography - Lecture notes by Rafael Pass, Abhi Shelat. Lecture Notes on Cryptography - Famous set of lectures on cryptography by Shafi Goldwasser (MIT), M. Bellare (University of California). Introduction to Cryptography by Christof Paar - Video course by Christof Paar (University of Bochum in Germany). In english. Cryptography I - Stanford University course on Coursera, taught by prof. Dan Boneh. Cryptography II is still in development. Online crypto challenges Not exactly papers, but crypto challenges are awesome educational material. Cryptopals crypto challenges. License To the extent possible under law, author has waived all copyright and related or neighboring rights to this work. Sursa: https://github.com/pFarb/awesome-crypto-papers

Am mare nevoie de un cont de filelist! Daca ma puteti ajuta cu o invitatie sau un cont in sine, v-as fi foarte recunoscator! Imi puteti da pm sau sa trimiteti la adresa sebi.hutanu@yahoo.com! Multumesc anticipat!