What you didn't know about Metasploit (PDF · 3.2 Mb)

Most of the penetration testers use Metasploit for exploiting infrastructure vulnerabilities and binding a shell to a port. This presentation shows functionality well beyond exploitation and how Metasploit Framework can aid during vulnerability research, exploit development, vulnerability scanning, exploitation and post-exploitation.

Abusing PHP sockets for fun and profit (PDF · 807 kb)

PHP (PHP: Hypertext Preprocessor) is a server-side HTML embedded scripting language which provides web developers with a full suite of tools for building dynamic websites.PHP socket library implements a low-level interface to the socket communication functions based on the popular BSD sockets.

This presentation will focus on the use of PHP socket library from an offensive point of view, demonstrating interesting and creative vectors of attack.

Download Tool (ZIP, 15.1 kb) | View Demo

Blind SQL injection optimization techniques (PDF · 219 kb)

Blind SQL injection is a common vulnerability present in web applications. There are a number of issues when it comes to exploiting it, probably 'time' is the biggest one. Blind SQL injection is a slow attack.

This presentation presents a number of ways to speed up the attack and a practical implementation of such techniques.

Download Tool (PY, 8.8 kb) | View Demo