A replay attack on a wireless network can be used to take advantage of a vulnerability in wireless protocols. In this video, I’ll demonstrate how a limitation in WEP can be used to speed the identification of the WEP shared password. << Previous Video: Spoofing Next: Rogue Access Points and Evil Twins >> When you’re […]

If I can pretend to be someone else, I can probably get through some of your existing security controls. In this video, you’ll learn how MAC and IP spoofing can be used to attack a network or system. << Previous Video: Driver Manipulation Next: Wireless Replay Attacks >> Spoofing is a technique used extensively in

Our device drivers have direct access to hardware and the operating system. In this video, you’ll learn how attackers can manipulate hardware drivers to gain access to your information. << Previous Video: Client Hijacking Attacks Next: Spoofing >> The traditional anti-virus and anti-malware software that we use on our workstations is very good at identifying

Instead of breaking into the server, why not just take over the client? In this video, you’ll learn a number of techniques that attackers can use to hijack your computer or mobile device. << Previous Video: Replay Attacks Next: Driver Manipulation >> There are a number of malicious reasons why a bad guy would want

If you can hear the password, you can repeat it. In this video, you’ll learn how replay attacks can be used to gain access to privileged information. << Previous Video: Zero-Day Attacks Next: Client Hijacking Attacks >> We are sending important information over a network all the time, and the bad guys know this. And

There are unknown vulnerabilities in our operating systems and applications, and it’s a race to see who can exploit them first. In this video, you’ll learn about zero-day attacks and what you can do to prevent an unforeseen attack. << Previous Video: DNS Poisoning and Domain Hijacking Next: Replay Attacks >> The operating systems and

If you can’t hack the user, maybe you can hack the DNS server. In this video, you’ll learn how a DNS poisoning attack or domain hijacking can allow an attacker to seamlessly impersonate an entire company. << Previous Video: Privilege Escalation Next: Zero-Day Attacks >> The domain name services are a critical part of our

The fastest way to become the system administrator is to steal it. In this video, you’ll learn how privilege escalation can instantly take you from zero to user 0. << Previous Video: Cross-site Request Forgery Next: DNS Poisoning and Domain Hijacking >> Privilege escalation is the type of vulnerability you really don’t want to have

Session riding can be one of the more challenging attack types to guard against. In this video, you’ll learn how XSRF works and how the bad guys can manipulate a vulnerable application for their own gain. << Previous Video: Cross-site Scripting Next: Privilege Escalation >> The cross-site request forgery attack is sometimes called a one-click

If you can convince a browser to run a script, then you can control a significant amount of a user’s working environment. In this video, you’ll learn about cross-site scripting and how XSS attacks can be used to steal right from under our noses. << Previous Video: Data Injection Next: Cross-site Request Forgery >> Cross-site