Last year I thought of getting certified in the field of web application security since I haven’t done any certifications before. I researched about the current certifications in the market and found out most of them are just answering few MCQs and getting certified, but unfortunately those are highly accepted by different organizations. But when it comes to the info sec industry there’s a bunch of good certifications I had in mind to complete someday. So considering my budget, time and resources I thought of taking eLearnSecurity’s eWPT certification. This certification is highly hands-on and a fully practical penetration test based exam. When it comes to the industry it’s hard to prove we know something, so I think I did a better choice in taking a certification in the field which I have experience since small age. Apart from that before I loose my teens I wanted to get certified 😉
(more…)
Month: February 2016
Shellcode Extractor
This tool will extract the opcodes from the .text section and display in different hex formats for different syntaxes. Works only with valid PE files. Coded in C++Builder XE5.
Download: https://github.com/OsandaMalith/ShellCode-Extractor/releases
2014 Flare On Challenge 2
You can download the challenge from here : http://www.flare-on.com/files/C2.zip
The zip file contains a html file and an image as the logo of the html file inside the img folder.
If we open the image in a hex editor we can see at the end it contains PHP code.
2014 Flare On Challenge 1
You can download the challenge from here: http://www.flare-on.com/files/C1.exe
As we run the application we get this.
When we click on decode the we get this encrypted string.