CGI - Security and Exploitation - One of the best tutorials on
cgi/perl security. This tutorial teaches perl coders how to secure
and exploit perl for their advantage. Packed with info used in
everyday hacks, this tutorial is a must read for both programmer and
* How servers are cracked (version 1.0) -
teaches you how most server cracks occur. You need to read either
the FTP security tutorial or the Sendmail security tutorial first,
* Sendmail Tutorial (version 2.6) - find out
why Sendmail is called 'the buggiest daemon on earth', and find out
what a daemon is anyway. Tons of ways to crack into big computers as
well as PCs unleashed, including, of course, information on how to
block these holes. Oh, and you'll also learn how to send fake mails
by easily fooling Sendmail or other SMTP daemons!
* FTP Tutorial
The origional FTP Tutorial That has been updated and rewritten.
Covering some common holes in ftp server, how to protect yourself,
and why PASV is a bad idea
RM Networks Hacking Tutorial - yes, RM Networks. You know, those
local networks, not Internet networks... RM Networks are so stupid
that they rely on the fact that the user is even dumber. Stumbled
across one in your school/university/college/working place? Want
maximum priviledges on it? Then try this tutorial.
* Ad Blocking Tutorial (version 1.8) - are you
tired of seeing stupid commercials and popups popping on your screen
and chewing up your bandwidth? Then read this!.
Architecture, Network Concepts and Facts - recommended reading
for any beginner. This will get a lot of facts and concepts sorted
out in your head, and will explain to you just how the Internet
* Various Sendmail Holes (version 1.0) - the
most known Sendmail holes. Just to show you what we mean by "The
Buggiest Daemon on Earth".
* Proxy/WinGate/SOCKS Tutorial (version 1.0) -
don't know what a Proxy is? Don't know what a WinGate is?
Don't know what a SOCKS firewall is? Wanna learn how to increase
your anonymity by using them to "bounce" your connection? Then read
Gathering Tutorial - The orgional tutorial on Info Gathering
that has been rewritten. How to gather vital information about your
* ICQ Security (version 1.9 NEW) - learn
about ICQ's security flaws, how to
exploit them and how to protect yourself from malicious users who
use these flaws against you. Stealing passwords, reading someone's
entire hard drive, flooding, spoofing, DoSsing, utilizing the ICQ
protocol and what not. It even teaches how to crack the ICQ password
* Mailing Lists Security (version 1.0) - how to
improve your mailing list's security, how to hack other mailing
lists and what is a mailing list anyway (plus different kinds of
mailing lists, where and how to get them etc').
and Beyond: Kewl Tips and Tricks (version 1.0) - another
tutorial about SMTP protocol.
* Exploits Explained II: The #2,000 "Bug"
(version 1.1) - learn about the #2,000 "bug" in IRC, which in
certain cases let's you screw up reeeeal bad with people and
channels, and play cool jokes on people.
* IP Masquerading Tutorial (version 1.1) -
learn what IP Masquerading is, and what is it good for anyway.
* Speeding Up Your Internet Connection Using DNS
Caching Under Unix and Windows (version 1.0) - what the name
* Trojans (version 1.0) - what are trojans
(covers both Unix trojans and Windows trojans)? Different types of
trojans, how to detect and defeat them etc'.
* The POP
Protocol (version 1.0) - learn more on how Email works. Learn to
check your Email by hand from anywhere around the world without the
need of any programs at all besides telnet. Learn how to delete
mailbombs in seconds. Utilize the POP3 protocol by yourself with
* Domain Hijacking (version 1.0) - check out
this one to learn how to hijack domain names. By the time you read
this, it might already be outdated, but what the heck, read it
* Uploading/Downloading Files From/To Usenet
Networks (version 1.0) - do it by yourself, instead of using a
program, and learn just a bit more about MIME encoding.
* HTTP Torn
Apart - the inner workings of the http protocol, showing you
what your browser does automatically, giving you greater control
over what you send out and take in from the world.
* Virus/Trojan - how the work and how to
make them work ;)
* Cracking File and Print Sharing (version
1.3) - learn about this method to crack into Windows box that has
file and print sharing enabled (even if the shares are
password-protected), how to protect yourself against it, and how to
secure your shares (if you have any).
Tools Explained (version 2.0) - a complete revamp of the
tutorial which shows how windoze can still be useful, this is an
absolutely great tutorial for the newbie covering most aspects of
using free tools as reconnaissance and hacking. There is also a
version with notes from R a v e N here.
* Firewalls Torn Apart (version 1.0) -
shows you what firewalls are and their weaknesses, includes some
information about the TCP/IP stack.
* The Structure of
an IP Address (version 1.0) - explains what's behind the numbers
in an IP address, and some interesting or special IP ranges that you
should know about.
* DoS Attacks
Tutorial - we've wanted to do a tutorial about DoS attacks, but
then we've found this CERT paper, so we've decided that instead we
should rather put it up in here and do some updates to it later on
(mostly information about new attacks and making things easier to
understand for newbies). Anyway we recommend reading the TCP/IP
tutorial first (it's the next one on the list).
* TCP/IP for
Newbies (version 1.1) - an excellent beginner's guide on the
basics of TCP/IP and a bit more. Great for every newbie, but also
good for more advanced people, to check and clarify some things, see
if you missed anything etc'.
* Hacking MailMachine.cgi (version 1.0) - learn
how to exploit some severe holes in Mike's mailmachine.cgi script. A
great way to get the feeling of finding holes within programs by
experimenting and exploring.
* HTTP-Based Authentication (version 1.0) -
learn what HTTP-based authentication is all about, what kind of
encryption is used in it's password files and how to break it.
* Why Are There Such a Few Viruses and Remote
Administration Trojans for Unix/Linux? (version 1.0) - learn
exactly why, and how you can defend yourself against the few ones
that exist without the need for any anti-virus software, nor without
having to avoid running untrusted software.
Cisco Systems (version 1.0) - mess with those nifty routers, and
learn a few lessons about the Internet itself. Worth reading even if
you're not interested in routers (although breaking into one could
be VEEERY interesting). Everything that this guide explains can be
done even from Windows.
* Kerberos Torn Apart (version 1.0) - just
what the name says! A newbie-friendly guide about this excellent way
to improve network security.
Validation Attacks (version 1.0) - learn what the name means,
how such attacks work, how they can be carried out and exploited and
how to prevent such attacks.
Bombing and List Linking (version 1.0) - in contradiction with
other "tutorials" about this subject that you might have seen
around, this one is a professional article, and it also lists a few
countermeasures against such attacks.
* Gathering Info on a Host: The Essential Ingredient
for getting root / admin (version 1.0) - Covers the first step
in a successful attack: gathering information about your target.
"Know Your Enemy".
* How Does Traceroute Works (version 1.0) -
explains how the traceroute utility works, and a few of it's uses.
* Buffer Overflows for Newbies (version 1.0) -
explains what a buffer overflow is to the average newbie.
Default Passwords (version 1.0) - a
short tutorial and a very long list of default passwords. Make sure
you're not using any of those!
Netstat to Get IPs (version 1.0) - a guide dedicated to all
those people who have been asking how to get someone's IP over ICQ
without the cracks (programs such as isoaq).
open holes (version 1.0) - tutorial about netstat, how to detect
and defend from attacks - firewalls...
geographical Information using an IP Address (version 1.0) - no
need for explanation
IGS Cisco Routers (version 1.01) - How to obtain local and
remote information about an IGS Cisco Router.
* The OSI
Model (version 1.02) Indepth analysis of the Open System
Interconnection (OSI) model. Everything you need to know about the
OSI Model is found in this tutorial.
Hacking - Here is the log of the Cablemodem hacking lecture that
took place in our irc
channel. It deals with the securities and insecurities of
cablemodems, a must read.
- This is the log of a spontanious lecture in our irc channel. This mainly
covers how to go about setting up your linux laptop up for wireless
networking and wardriving (looking for open wireless networks).