While still on the topic of university, I have published some of the essays/reports that I wrote while studying at University of Derby. One can probably notice that with time they started improving therefore if you are going to read anything, I highly recommend you start from the latest ones. The details of each of them are available on my LinkedIn profile.
This is a list of them:
- Evading Intrusion Detection Systems (IDS) (May 2012)
- Issues of Forensic Investigations in Cloud Computing (May 2012)
- Autonomous Network Management (Dec. 2011)
- The Use of Insects at the Crime Scene (Oct. 2010)
- Computer Crime and Computer Misuse (Mar. 2010)
- Database Design, Implementation & Testing (a project, Dec. 2009)
- Forensic Science - Case Study (Dec. 2009)
- Evidence Collection at the Crime Scene (Dec. 2009)
- The Greg Schardt case - Forensic Investigation (Apr. 2009)
I have also came across two fascinating articles that I would like to share.
The first one is regarding creation of a "stealth web shell". The idea is to use some of the features provided by Apache, particularly '.htaccess' file, and by redirecting seemingly innocent queries to an image file, the server will process them as if they were shell commands without leaving any trace in the logs. I have to admit, it is very neat!
The second article discusses poorly known feature of Windows 2008, namely Group Policy Preferences, which under certain conditions lets any authenticated user to recover plain-text passwords of some other users; potentially leading to privilege escalation. I particularly cherish the wide view on the problem, that is, introduction for people unfamiliar with GPP, use of third party tools like WireShark and APIMonitor, and development of scripts in Python, which take advantage of this weakness. Definitely a great read!