Java Vulnerable Lab – Learn to Hack and secure Java based Web Applications

We (Cyber Security and Privacy Foundation) have developed a vulnerable Java based Web Applicatoin . This app is intended for the Java Programmers and other people who wish to learn about Web application vulnerabilities and write secure code. The full course on Hacking and Securing Web Java Programs is available in Warning: Don’t run […]

Hacking Remote Pc by Exploiting Java Applet Field Bytecode Verifier Cache Remote Code Execution

CVE-2012-1723: This is a vulnerability in the HotSpot bytecode verifier where an invalid optimization of GETFIELD/PUTFIELD/GETSTATIC/PUTSTATIC instructions leads to insufficient type checking. A specially-crafted class file could possibly use this flaw to bypass Java sandbox restrictions, and load additional classes in order to perform malicious operations. The vulnerability was made public by Michael ‘mihi’ Schierl. Requirement: […]

Malware Analysis Video Tutorial for Beginners

Learn malware analysis fundamentals from the primary author of SANS’ course FOR610: Reverse-Engineering Malware (REM). More at In this session, Lenny Zeltser will introduce you to the process of reverse-engineering malicious software. He will outline behavioral and code analysis phases, to make this topic accessible even to individuals with a limited exposure to programming […]