下载地址：http://www.payrankings.com/12all/lt/t_go.php?i=4817&e=ODA4NjE5Mg==&l=-http--hakin9.org/magazine/1057-flash-memory-mobile-forensic

Inside:

Writing WIN32 shellcode with a C-compiler
Flash memory mobile forensic
Threat Modeling Basics
Pwning Embedded ADSL Routers
Firewalls for Beginners

Regulars:

ID Fraud Expert Says by Julian Evans: Identity Theft Protection Services – a new industry is born
Interview with:
Victor Julien, lead coder for the Open Information Security Foundation
Ferruh Mavituna, web application penetration tester and security tool developer

Tool reviews: NTFS Mechanic, Active@ Undelete Professional, KonBoot v1.1
Download

--------------------------------------------------------------------------------

Pwning Embedded ADSL Routers
by Aditya K Sood
This paper sheds light on the hierarchical approach of pen testing and finding security related issues in the small embedded devices that are used for local area networks. The paper is restricted to not only testing but also discusses the kinds of software and firmware used and incessant vulnerabilities that should be scrutinized while setting up a local network.

--------------------------------------------------------------------------------

Firewalls for Beginners
by Antonio Fanelli
Firewalls are often overlooked, but are actually one of the best deterrents against unauthorized accesses. Learn how to build a low-cost firewall with iptables. Whenever people ask me how they can be sure no one can have unauthorized remote access to their PC, my first answer is: disconnect your PC!

--------------------------------------------------------------------------------

Writing WIN32 shellcode with a C-compiler
by Didier Stevens
Shellcode is hard to write. That is why I worked out the method presented here to generate WIN32 shellcode with a C-compiler. To fully benefit from the content of this article, you should have some experience writing WIN32 programs in C/C++ and WIN32 shellcode, and understand the differences between both approaches.

--------------------------------------------------------------------------------

Flash memory mobile forensic
by Salvatore Fiorillo
This paper is an introduction to flash memory forensic with a special focus on completeness of evidences acquired from mobile phones. Moving through academic papers and industrial documents will be introduced the particular nature of non-volatile memories present in nowadays mobile phones; how they really work and which challenges they pose to forensic investigators.

--------------------------------------------------------------------------------

Threat Modeling Basics
by Timothy Kulp
In the world of software, security is thrown into a system somewhere at the end of the project. For many developers adding security to a system is using a login with SSL/TLS; but sadly, these two are not the security silver bullet developers are led to believe.

[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入！