Month: February 2016

My Journey into eWPT

Last year I thought of getting certified in the field of web application security since I haven’t done any certifications before. I researched about the current certifications in the market and found out most of them are just answering few MCQs and getting certified, but unfortunately those are highly accepted by different organizations. But when it comes to the info sec industry there’s a bunch of good certifications I had in mind to complete someday. So considering my budget, time and resources I thought of taking eLearnSecurity’s eWPT certification. This certification is highly hands-on and a fully practical penetration test based exam. When it comes to the industry it’s hard to prove we know something, so I think I did a better choice in taking a certification in the field which I have experience since small age. Apart from that before I loose my teens I wanted to get certified 😉
(more…)

Shellcode Extractor

This tool will extract the opcodes from the .text section and display in different hex formats for different syntaxes. Works only with valid PE files. Coded in C++Builder XE5.

Download: https://github.com/OsandaMalith/ShellCode-Extractor/releases

View post on imgur.com

2014 Flare On Challenge 2

You can download the challenge from here : http://www.flare-on.com/files/C2.zip

The zip file contains a html file and an image as the logo of the html file inside the img folder.

View post on imgur.com

View post on imgur.com

If we open the image in a hex editor we can see at the end it contains PHP code.

View post on imgur.com


(more…)

2014 Flare On Challenge 1

You can download the challenge from here: http://www.flare-on.com/files/C1.exe

As we run the application we get this.

View post on imgur.com

When we click on decode the we get this encrypted string.

View post on imgur.com


(more…)