Security Papers

       Tutorial: Hping2 Basics (pdf)
       Description: Basics of using Hping2 and packet reading.
       Published on: www.EthicalHacker.net

       Tutorial: Metasploit Framework Web Interface v 2.6 (pdf)
       Description: Basics of using the Metasploit Framework Web Interface version 2.6.
       Published on: www.metasploit.com & www.EthicalHacker.net

       Tutorial: TCPDump Basics (pdf)
       Description: Basics of using TCPDump
       Published on: www.LearnSecurityOnline.com

       Tutorial: User2SID-SID2User (pdf)
       Description: Basics of using User2SID & SID2User tools
       Published on: www.windowsecurity.com & LSO

       Tutorial: UserInfo-UserDump (pdf)
       Description: Basics of using UserInfo & UserDump
       Published on: www.securitydocs.com & LSO

       Description: Using Rainbow Table & Rainbowcrack and some information on strong passwords.
       Published on: www.windowsecurity.com & www.EthicalHacker.net
       Note: the article did pretty well on digg (made the frontpage)...click here to see a screenshot.

       Tutorial: HTTP Fingerprinting (pdf)
       Description: Some basics of HTTP fingerprinting, concept, tools, & defenses for IIS & Apache.
       Published on: www.LearnSecurityOnline.com

       Tutorial: Metasploit Framework v3 Basics (pdf)
       Description: Basics of using MSF v3, goes with the hack videos.
       Published on: www.LearnSecurityOnline.com

       Tutorial: MS Terminal Server Cracking (pdf)
       Description: Using TSGrinder, TScrack, and rdesktop to crack TS user accounts. Goes with this hack video.
       Published on: www.LearnSecurityOnline.com & EthicalHacker.net
       Tools: TScrack v2.1 (Local Copy)

       Tutorial: TEMPEST (pdf)
       Description: Got interested in TEMPEST, did research, wrote a paper.
       Published on: www.EthicalHacker.net and www.infosecwriters.com

       Article: Hacker Defender Rootkit for the Masses (pdf)
       Description: Hacker Defender Rootkit How-to for hakin9 magazine
       Published in: hackin9 magazine

 

   Presentations

       Open Source Information Gathering Slides -- BruCon Edition (pdf)
       Description: Open Source Information Gathering Slides -- BruCon Edition

       Defcon 17 Attacking Oracle with the Metasploit Framework Whitepaper (pdf)
       Description: Defcon 17 Attacking Oracle with the Metasploit Framework Whitepaper

       Defcon 17 Attacking Oracle with the Metasploit Framework Slides (pdf)
       Description: Defcon 17 Attacking Oracle with the Metasploit Framework Slides

       Blackhat USA 09 Attacking Oracle with the Metasploit Framework Whitepaper (pdf)
       Description: BlackHat USA 09 Attacking Oracle with the Metasploit Framework Whitepaper

       Blackhat USA 09 Attacking Oracle with the Metasploit Framework Slides (pdf)
       Description: BlackHat USA 09 Attacking Oracle with the Metasploit Framework Slides



   Various Hacking Challenge Servers Answers (OLD STUFF)

       Cheat Sheet: Ngsec WebApp Security Challenge game 1 (pdf)
       Description: Ngsec's WebApplication Security Challenge game 1 solution guide (Levels 1-9, no 10 yet)

     

 

   "Real" Published Papers (OLD STUFF)

       S. Lathrop, C. Gates, D. Massie, J. Hill. “Penetration Test of a Power Plant: Evaluating the Security of a Supervisory
       Control and Data Acquisition (SCADA) System,” ASHRAE Transactions, Volume 2006. Vol. 112, Pt. 2.
       LOCAL COPY (pdf)

       G. Conti, D. Ragsdale, S. Lathrop and C. Gates; "Implementation and Lessons Learned from an Undergraduate
       Special Interest Group in Information Assurance;" Colloquium for Information Systems Security Education (CISSE);
       June 2004.
       LOCAL COPY (pdf)