Posts

Showing posts from September, 2013

Testing CAPTCHA strength with GSA CAPTCHA Breaker

With sophisticated OCR technologies, today's CAPTCHA defense in web applications has become weaker and weaker partially due to a requirement to maintain usability. In this demo, we used GSA Breaker tool to test the effectiveness of sample  CAPTCHA  images.    [ View Online   |   Download   ]  

[Tool] DLL Hijack Helper

New repo:  https://github.com/yehgdotnet/dll_hijack_helper https://code.google.com/p/yehg-core-lab-misc/source/browse/#svn%2Ftrunk%2Fdll-hijack-helper This tool will aid you in your manual DLL Hijacking vulnerability hunting when automatic approach does not smoothly work. How-to ++++++++++++++++++++++++++++++ 1. Run ProcMon 2. Set filter rule with result "NAME NOT FOUND" 3. Run your target application 4. Save ProcMon output as CSV 5. Run dll-hijack-helper.py