And Network Security
Unix / Linux
* Hacking CGI - Security and Exploitation
- One of the best tutorials on cgi/perl security. This tutorial teaches perl coders how to secure and exploit perl for their advantage. Packed with info used in everyday hacks, this tutorial is a must read for both programmer and hacker.
* How servers are cracked (version 1.0)
- teaches you how most server cracks occur. You need to read either
the FTP security tutorial or the Sendmail security tutorial first,
* Sendmail Tutorial (version 2.6) - find
out why Sendmail is called 'the buggiest daemon on earth', and
find out what a daemon is anyway. Tons of ways to crack into big
computers as well as PCs unleashed, including, of course, information
on how to block these holes. Oh, and you'll also learn how to
send fake mails by easily fooling Sendmail or other SMTP daemons!
Tutorial The origional FTP Tutorial That has been updated and rewritten. Covering some common holes in ftp server, how to protect yourself, and why PASV is a bad idea
* The RM
Networks Hacking Tutorial - yes, RM Networks. You know,
those local networks, not Internet networks... RM Networks are
so stupid that they rely on the fact that the user is even dumber.
Stumbled across one in your school/university/college/working
place? Want maximum priviledges on it? Then try this tutorial.
* Ad Blocking Tutorial (version 1.8) -
are you tired of seeing stupid commercials and popups popping
on your screen and chewing up your bandwidth? Then read this!.
* Internet Architecture, Network Concepts and Facts
recommended reading for any beginner. This will get a lot of facts and concepts sorted out in your head, and will explain to you just how the Internet works.
* Various Sendmail Holes (version 1.0)
- the most known Sendmail holes. Just to show you what we mean
by "The Buggiest Daemon on Earth".
* Proxy/WinGate/SOCKS Tutorial (version 1.0)
- don't know what a Proxy is? Don't know what a WinGate
is? Don't know what a SOCKS firewall is? Wanna learn how to increase
your anonymity by using them to "bounce" your connection? Then
read this one.
* Info Gathering
Tutorial - The orgional tutorial on Info Gathering that has been rewritten. How to gather vital information about your target.
* ICQ Security
(version 1.9 NEW) - learn about ICQ's security flaws, how to exploit
them and how to protect yourself from malicious users who use
these flaws against you. Stealing passwords, reading someone's
entire hard drive, flooding, spoofing, DoSsing, utilizing the
ICQ protocol and what not. It even teaches how to crack the ICQ
password by yourself.
* Mailing Lists Security (version 1.0) - how
to improve your mailing list's security, how to hack other mailing
lists and what is a mailing list anyway (plus different kinds
of mailing lists, where and how to get them etc').
and Beyond: Kewl Tips and Tricks (version 1.0) - another tutorial
about SMTP protocol.
* Exploits Explained II: The #2,000 "Bug"
(version 1.1) - learn about the #2,000 "bug" in IRC, which in
certain cases let's you screw up reeeeal bad with people and channels,
and play cool jokes on people.
* IP Masquerading Tutorial (version
1.1) - learn what IP Masquerading is, and what is it good for
* Speeding Up Your Internet Connection Using
DNS Caching Under Unix and Windows (version 1.0) - what the
* Trojans (version 1.0) - what are trojans
(covers both Unix trojans and Windows trojans)? Different types
of trojans, how to detect and defeat them etc'.
* The POP Protocol (version 1.0) - learn more
on how Email works. Learn to check your Email by hand from anywhere
around the world without the need of any programs at all besides
telnet. Learn how to delete mailbombs in seconds. Utilize the
POP3 protocol by yourself with this tutorial.
* Domain Hijacking (version 1.0) - check
out this one to learn how to hijack domain names. By the time
you read this, it might already be outdated, but what the heck,
read it anyway.
* Uploading/Downloading Files From/To Usenet
Networks (version 1.0) - do it by yourself, instead of using
a program, and learn just a bit more about MIME encoding.
* HTTP Torn Apart - the inner workings of the
http protocol, showing you what your browser does automatically,
giving you greater control over what you send out and take in
from the world.
* Virus/Trojan - how the work and how
to make them work ;)
* Cracking File and Print Sharing (version
1.3) - learn about this method to crack into Windows box that
has file and print sharing enabled (even if the shares are password-protected),
how to protect yourself against it, and how to secure your shares
(if you have any).
* Net Tools Explained (version 2.0) - a
complete revamp of the tutorial which shows how windoze can still
be useful, this is an absolutely great tutorial for the newbie
covering most aspects of using free tools as reconnaissance and
hacking. There is also a version with notes from R a v e N here.
* Firewalls Torn Apart (version
1.0) - shows you what firewalls are and their weaknesses, includes
some information about the TCP/IP stack.
* The Structure
of an IP Address (version 1.0) - explains what's behind the
numbers in an IP address, and some interesting or special IP ranges
that you should know about.
* DoS Attacks
Tutorial - we've wanted to do a tutorial about DoS attacks,
but then we've found this CERT paper, so we've decided that instead
we should rather put it up in here and do some updates to it later
on (mostly information about new attacks and making things easier
to understand for newbies). Anyway we recommend reading the TCP/IP
tutorial first (it's the next one on the list).
for Newbies (version 1.1) - an excellent beginner's guide
on the basics of TCP/IP and a bit more. Great for every newbie,
but also good for more advanced people, to check and clarify some
things, see if you missed anything etc'.
* Hacking MailMachine.cgi (version 1.0)
- learn how to exploit some severe holes in Mike's mailmachine.cgi
script. A great way to get the feeling of finding holes within
programs by experimenting and exploring.
* HTTP-Based Authentication (version 1.0)
- learn what HTTP-based authentication is all about, what kind
of encryption is used in it's password files and how to break
* Why Are There Such a Few Viruses and Remote
Administration Trojans for Unix/Linux? (version 1.0) - learn
exactly why, and how you can defend yourself against the few ones
that exist without the need for any anti-virus software, nor without
having to avoid running untrusted software.
* Exploiting Cisco Systems (version 1.0) -
mess with those nifty routers, and learn a few lessons about the
Internet itself. Worth reading even if you're not interested in
routers (although breaking into one could be VEEERY interesting).
Everything that this guide explains can be done even from Windows.
* Kerberos Torn Apart (version 1.0) -
just what the name says! A newbie-friendly guide about this excellent
way to improve network security.
* Input Validation Attacks (version 1.0)
- learn what the name means, how such attacks work, how they can
be carried out and exploited and how to prevent such attacks.
* Mail Bombing and List Linking (version
1.0) - in contradiction with other "tutorials" about this subject
that you might have seen around, this one is a professional article,
and it also lists a few countermeasures against such attacks.
* Gathering Info on a Host: The Essential Ingredient
for getting root / admin (version 1.0) - Covers the first
step in a successful attack: gathering information about your
target. "Know Your Enemy".
* How Does Traceroute Works (version
1.0) - explains how the traceroute utility works, and a few of
* Buffer Overflows for Newbies (version 1.0)
- explains what a buffer overflow is to the average newbie.
* Default Passwords (version 1.0)
- a short tutorial and a very long list of default passwords.
Make sure you're not using any of those!
* Using Netstat to Get IPs (version 1.0)
- a guide dedicated to all those people who have been asking how
to get someone's IP over ICQ without the cracks (programs such
open holes (version 1.0) - tutorial about netstat, how to
detect and defend from attacks - firewalls...
geographical Information using an IP Address (version 1.0)
- no need for explanation
IGS Cisco Routers (version 1.01) - How to obtain local and
remote information about an IGS Cisco Router.
OSI Model (version 1.02) Indepth analysis of the Open System
Interconnection (OSI) model. Everything you need to know about
the OSI Model is found in this tutorial.
Hacking - Here is the log of the Cablemodem hacking lecture
that took place in our irc channel. It deals
with the securities and insecurities of cablemodems, a must read.
* Wardriving -
This is the log of a spontanious lecture in our irc channel. This mainly covers
how to go about setting up your linux laptop up for wireless networking and
wardriving (looking for open wireless networks).