Undetectable Sniffing On Ethernet
I have been in some tight spots where I had to sniff a password or two off the wire, or sniff some packets off the wire and based on the packets content perform some action... Accidentally, I stumbled on a method to sniff data while remaining undetected and invisible.
Originally Posted: 2003/04/15
COMPUTER SECURITY TOOLBOX
List of mainly obscure security software geared more for the master pentester. These are mostly for unix, bsd, and mac and many are difficult to install and setup (require custom servers, inside access points, obscure libraries). Only programs that output data are included, so no actual exploits or anything. Most of these output extremely useful albeit extremely technical information.HTTP Packet Capturing to debug Apache
This article is a quick and easy HowTo detailing the use of Wireshark or another network sniffing program to debug your Apache .htaccess or httpd.conf files.
Arp Packet Hacking
Part deux of Want to know how to really hack? Originally Posted: 12/28/2003
HTTP Status Codes and Htaccess ErrorDocuments
There are a total of 57 HTTP Status Codes recognized by the Apache Web Server. Wouldn't you like to see what all those headers and their output, ErrorDocuments look like?
Advanced .htaccess Tricks for Securing Sites
This is all new, experimental, and very very cool. It literally uses .htaccess techniques to create several virtual "locked gates" that require a specific key to unlock, in a specific order that cannot be bypassed. It uses whitelisting .htaccess tricks to specify exactly what is allowed, instead of trying to specify everything that isn't allowed. Also, by setting specific cookies/tokens after successfully passing through a gate, we can then require the exact cookie/token from the previous gate, which stops an attacker from skipping or bypassing gates.