image n/a
image n/a humor/ image n/a phish/ image n/a vulns/

Security Literature

image n/a Hacker Challenge Report (pdf)
image n/a ANI 0-day Analysis (pdf)
image n/a Firepass Security Advisory (pdf)
image n/a eDir Remote Code Exec (pdf)
image n/a ZERT & MS VML Patch (pdf)
image n/a Glamour Ransomware (pdf)
image n/a Python To Extract Malware (pdf)
image n/a Zeus Malware Case Study (pdf)
image n/a Torpig VMM/IDT Signatures (pdf)
image n/a Vmware Shellcode Injection (pdf)
image n/a Unpacking FSG (pdf)
image n/a Hacking the Packer (pdf)
image n/a Life and Times of Ddabx (pdf)
image n/a W0rd 0-day Dissassembly
image n/a Anatomy of a Phish IV (pdf)
image n/a PE Local DoS Vuln (pdf)
image n/a Cryptography of SSH2
image n/a Anatomy of a Phish III (pdf)
image n/a Upload Scripts & Toolkits
image n/a Red-Headed Browsers & WMF
image n/a Classic Trimode Exploit
image n/a ISC Malware Quiz 5 (pdf)
image n/a Access Log Analytics 2006
image n/a Assorted Incidentals 2005
image n/a Anatomy of a Phish II (pdf)
image n/a Anatomy of a Phish (pdf)
image n/a Scan of the Month 34
image n/a MS JVMs ByteVerify Trojan
image n/a Awstats Linux Rootkit
image n/a Tri-Mode Browser Exploits
image n/a Namibian TIBS Infection
image n/a Bestfriends and Sdbot Rootkit
image n/a Gwee Exploits Webmail
image n/a XSS, Triple-encoded Exploit
image n/a telnet:// used in IE Exploit
image n/a Investigating CHM Exploits
image n/a Investigating Netwin Malware
image n/a Short Security Discussions
image n/a Short Proof of Concepts
image n/a Stack Buffer Overflows
image n/a Attack Signatures and Analysis
image n/a Threats, Attacks, Defenses
image n/a First Trojan Tracking Journey

Vulnerabilities

This page contains a list of vulnerabilities that I have identified and/or researched since March of 2006. All bugs were reported responsibly and fixed prior to disclosure on this web site. The target institution or product is confidential in some reports and available in others. The icons on this page are taken from the MINIMALIZM v1.0 icon set by (Razor99).

Binaries

Novell eDirectory Remote Code Exec Stack Overflow
Novell eDirectory/iMonitor URI Stack Overflow Analysis (soon)
Injecting Shellcode Into Running Vmware Guests
Tumbleweed MailGate Remote Code Exec Stack Overflow
PE Analyzer Local DoS Condition

Browser / Web Based

Multiple Vulnerabilities in F5 FirePass SSL VPN
Cross Site Scripting - Bank Contact Page
SQL Injection - Bank Maintenance Login Form
Cross Site Scripting - University Online Bookstore
SQL Injection - Bank Job Application Pages
Short Articles

Using IDT for VMM Detection image n/a
Google Hacking osCommerce image n/a
Self-Incriminating Anti-spyware image n/a
Cross-Site Scripting Primer image n/a
Chaos & Order: ADS Malware image n/a
Unpacking The Dumpster image n/a
Detecting Promiscuous NIC image n/a
Cross-breeding Mytob/Hellbot image n/a
Escaping the Dust - Notepad image n/a
Introduction To Steganography image n/a
Panning For Gold - Grep Wget image n/a
The Salami Attack Analogy image n/a
Nmap Versus Iptables Battle image n/a
Investigate HTTP Based Exploits image n/a
Gedza - Incomplete VB Worm image n/a
Elementary Virus & Antivirus image n/a
Trial By Fire - Tiger Teams image n/a
Into To Password Guessing image n/a
Fingerprinting the Fingerprint image n/a
Presentations
Manual Intrusion Detection image n/a
Debugging with CVE-2007-0038 image n/a

Last Updated: February 23 2009 mnin.org is |00000110| years old.
Site design and layout with umm...a bash shell. Graphic by (Aaron Bieber)
Unless otherwise noted, this work is licensed with (Creative Commons Attribution License).

Valid HTML 4.0! Valid CSS! Valid RSS 2.0! Creative Commons License