I have just released a new tool at http://projects.jason-rush.com/buffer-overflow-eip-offset-string-generator that is a web equivalent of the Metasploit, pvefindaddr, and Mona scripts: pattern_create and pattern_offset.

This tool is to help find how far into a Buffer Overflow exploit string your return address needs to be in order to overwrite EIP successfully.

I appreciate any comments, suggestions, thoughts, etc...

Enjoy,
Jason Rush

A visual explanation of MySQL Injection attacks
By Jason E Rush

( projects.jason-rush.com/ contains the original, and any updates after July 11, 2012 )

Changes in the form are updated in real time (javascript) to give a visual representation of how an SQL query might look.

I plan to do some work on the Sirens this Thursday (Feb 18) Friday (Feb 19). It will only be a couple hours but both the sirens and their gateway will be publicly inaccessable.

EDIT : Due to scheduling problems, I will be doing the Siren updates Friday. Sorry for any inconvenience.

EDIT : Sirens should now be back online.

The Roothack Siren wargames are now back up, after some much needed house-keeping and updates. As I speak, Ocyrus is redirecting the dns entry to point back at them.

A short ramble on Hack3r/Roothack's Past, Present, and Future
By Jason Rush aka AkSnowman