Spelling suggestions: "subject:"cracking"" "subject:"bracking""
1 |
Changer le travail ou changer la société ? : Les hackers entre conformation à l’ordre social et volonté d’innover / Changing workplace or society ? : Hackers between compliance with the social order and the will to innovateZufferey, Eric 25 January 2018 (has links)
Cette thèse vise à interroger le hacking comme source de changement social, voire de subversion de l’ordre social. En mettant en jeu une forme d’autodidaxie et un décloisonnement social entre amateurs, professionnels et militants, il fait espérer des changements dans l’accès aux savoirs, ainsi que dans les manières de penser le rôle de la technologie au sein de nos sociétés. Dans le prolongement d’une sociologie bourdieusienne, l’enquête analyse comment la pratique du hacking s’articule aux instances classiques de la socialisation – famille, amis, institutions scolaires, etc. – et examine quels types de mobilité sociale elle produit. En partant des cas de hackers suisses et français, nous montrons que l’autodidaxie se décline différemment selon l’origine sociale et la trajectoire : elle permet les trajectoires les plus ascendantes lorsqu’elle se combine avec la culture scientifique légitime. En cela, les hackers n’échappent à la pesanteur des rapports sociaux de classes, alors même qu’ils développent une propension à transférer leurs manières d’agir et de penser atypiques dans différentes sphères d’activités. La thèse montre que le travail est la principale cible de leurs investissements. Les succès ou les échecs à innover dans la sphère professionnelle expliquent pour une large part les investissements des hackers dans des activités de loisirs, des associations ou des formes de militantisme. Les implications dans la sphère politique restent limitées et ponctuelles, car y accéder suppose d’autres ressources que celles possédées par les hackers. Mettant en évidence la diversité du hacking, ce travail permet d’appréhender la complexité de ses potentiels impacts sociétaux. / This thesis looks at hacking as source of social change, or even subversion of the social order. Hacking involves self-directed learning and remove social barriers between hobbyists, professionals and activists. Therefore, it raises the hope to renew the access to knowledge and the role of technologies in society. In line with the bourdieusian thought on reproduction of social inequalities, the study analyses how hacking articulate itself with the classical instances of socialization – family, friends, school system, etc. – and how it influences social mobility. By studying Swiss and French hackers, it shows that self-directed learning varies according to social origins and trajectories: it enables upward trajectories when it is combined with the legitimate scientific culture. In this regards, hackers do not escape the weight of social classes’ relations, although they are are willing to transfer their unusual behaviors and thought process across different areas of activities. Workplace is generally their main focus. Along with careerpath, success or failures to innovate in the professionnal sphere are key to understand the hackers’ involvement in leisure activities, associations, or various forms of activism. The participation in the political sphere is limited because hackers usually do not have the proper ressources. By highlighting the complexity of hacking, the thesis proposes a better understanding of its potential societal impacts.
|
2 |
Building an Ethical Hacking Site for Learning and Student EngagementLehrfeld, Michael, Guest, Phillip 07 July 2016 (has links)
This research investigates the use of build-your-own capture the flag ethical hacking simulations to help learners engage and understand penetration testing methodologies. Students in a senior level ungraduated ethical hacking class were tasked with the development of a capture the flag platform that scored participants' progress while exploiting a vulnerable web site. Remediation of the found vulnerabilities was also demonstrated to illustrate secure coding best practices. This work chronicles the development of one of the CTF platforms and the process used to develop it.
|
3 |
Examination of hacking and blunt force skeletal traumaPeace, Breana 11 October 2019 (has links)
The present research examines the effects of multiple different implements on long bones to determine if there is a point at which blunt force trauma becomes distinguishable from hacking trauma. Limb bones of the white-tailed deer (Odocoileus virginianus) were used in this research as a substitute for human bone. In addition to the use of purchased tools, seven of the implements used in the present research were created and designed to imitate the size and impact angle of other surfaces possibly found in hacking and blunt force trauma. A hacking machine was used to inflict trauma on the long bones at a consistent, controlled level of force. The resulting trauma was then photographed and analyzed to determine if there is a macroscopically distinguishable point at which an implement will inflict characteristics of blunt force trauma, with no visible hacking trauma characteristics. The analytical observations of the trauma involved scoring for elements such as hacking characteristic appearance as well as the amount of fracturing and fragmentation. The author hypothesized that when the angle of the implement’s striking surface reaches 60 degrees, the trauma would consist of blunt force characteristics and not of hacking characteristics, and a V-shaped kerf would cease to appear. The author also hypothesized that there would be an increase in comminuted fractures in more blunt blade angles, while hacking trauma would exhibit more transverse and oblique fractures.
The present study found that there was a statistically significant relationship between the composite hacking scores and the blade angles (the striking surface of the implement), with a p-value of 0.011. The author concluded that blunt force trauma and hacking trauma can be distinguished by the composite hacking scores, with a score of one indicating blunt force implements and scores of three or four indicating hacking implements. The entrance widths of the impacts also had a statistically significant relationship with the implement blade angles, with a p-value of 0.037. When the elements were bisected as a result of the impact, the data generated was characterized into having bisected into three identifiable fragments or a minimum of four identifiable fragments. With regards to the data for elements with three identifiable fragments, it was found that there was a statistically significant relationship between fragmentation and the implement blade angle, with a p-value of 0.036. When examining the visibility of a V-shaped kerf in the bones, the author concluded that there is a statistically significant relationship between the blade angles and the visibility of these kerfs, with the visibility decreasing around the 60 blade angle (p-value = 0.003). With regards to the fracture patterns, there was a correlation between the appearance of transverse fractures, with a decrease in more blunt blade angles (p-value = 0.004). Additionally, the author discovered a correlation between clean cut impact site appearances and smaller blade angles, as well as with crushing and fragmentation correlating to more blunt blade angles. The data from this research should assist in establishing guidelines to determine the type of trauma inflicted in forensic cases of hacking trauma and blunt force skeletal trauma.
|
4 |
Počítačová kriminalita / Computer criminalityVyhnálek, Aleš January 2007 (has links)
Diploma thesis characterises the most important kinds of computer crime, economically evaluates incurred harms, presents factual examples and a prognosis of the possible way of developement of this kind of crime in the future. Thesis includes legislation regarding the computer crime and possible ways of defending against it. In the end, in the form of a questionary, the thesis monitors the knowledge of students of the Faculty of management in Jindřichův Hradec about the field of computer crime and interprets these results using graphs.
|
5 |
Evaluating LLM based web application penetration testing: How does AI improve efficiency?Brüsemeister, Patrick 10 May 2024 (has links)
Die vorliegende Arbeit untersucht die Verwendung von Large Language Models (LLMs) in Penetrationstests von Web-Anwendungen. Ziel ist es, die Arbeit von Penetrationstestern zu unterstützen und den Prozess zu beschleunigen, um Sicherheitslücken in Web-Anwendungen effektiver aufzudecken und zu beheben. Die Arbeit vergleicht verschiedene Ansätze und prüft, wie LLMs wie ChatGPT und andere die Effizienz des Penetrationstests verbessern können. Es wird evaluiert, ob durch die Anwendung von LLMs der notwendige Aufwand für Penetrationstests reduziert werden kann, um Sicherheitslücken in Web-Anwendungen effektiver aufzudecken und zu beheben. Die Arbeit leistet einen Beitrag zum Thema, indem sie die Möglichkeiten und Grenzen von LLMs im Kontext der Penetrationstestung untersucht, bewertet und den aktuellen Stand skizziert.:1 Intro
2 Basics
2 1 Web Application Security
2 2 Penetration Testing
2 3 Penetration Testing Standards
2 4 Penetration Testing Tools
2 5 Artificial Intelligence
2 6 Large Language Models
2 7 LLM prompting techniques
2 8 AI’s Growing Role in Cybersecurity
2 9 Penetration Testing and AI
2 10 Research Objectives and Scope
2 11 Significance of the Study and Research Question
2 12 Structure of the Thesis
3 Literature Review
4 Market Analysis
4 1 Use of LLMs in Combination with Existing Penetration Testing Software
4 2 Open-Source Solutions Leveraging LLMs
4 3 Commercial Solutions Leveraging LLMs for Cybersecurity purposes
4 4 ChatGPT-GPTs
4 5 Identifying the Need for Optimization in Penetration Testing Processes
4 6 Opinions of Penetration Testers on Generative AI Use
5 Methodology
5 1 Research Methods and Approaches
5 2 Benchmarks Used for Evaluation
6 Concept and Implementation
6 1 Limitations of LLMs
6 2 Deciding Which LLM Models to Use
6 3 Identifying and Executing Tasks with LLMs
6 4 Tailoring the LLM for Penetration Testing
6 5 Resource Requirements
7 Evaluation of LLMs for Penetration Testing
7 1 Interviews: Identifying the use of LLMs for Pentesting
7 2 Preparing the Test Environment
7 3 Evaluation of Command Generation
7 4 ChatGPT Assistant GPT
7 5 Google Gemini Advanced
7 6 Discussion of results
7 7 Answering the Research Question
7 8 Resulting Penetration Testing Workflow
8 Conclusion / The thesis examines the use of Large Language Models (LLMs) in web application penetration testing. The goal is to support penetration testers and accelerate the process, to identify and fix security vulnerabilities in web applications more effectively. The thesis compares different approaches and evaluates how LLMs, such as ChatGPT and others, can improve the efficiency of penetration testing. It is evaluated whether the application of LLMs can reduce the necessary effort for penetration testing, to more effectively identify and fix security vulnerabilities in web applications. The research contributes to the topic by investigating, evaluating, and outlining the possibilities and limitations of LLMs in the context of penetration testing.:1 Intro
2 Basics
2 1 Web Application Security
2 2 Penetration Testing
2 3 Penetration Testing Standards
2 4 Penetration Testing Tools
2 5 Artificial Intelligence
2 6 Large Language Models
2 7 LLM prompting techniques
2 8 AI’s Growing Role in Cybersecurity
2 9 Penetration Testing and AI
2 10 Research Objectives and Scope
2 11 Significance of the Study and Research Question
2 12 Structure of the Thesis
3 Literature Review
4 Market Analysis
4 1 Use of LLMs in Combination with Existing Penetration Testing Software
4 2 Open-Source Solutions Leveraging LLMs
4 3 Commercial Solutions Leveraging LLMs for Cybersecurity purposes
4 4 ChatGPT-GPTs
4 5 Identifying the Need for Optimization in Penetration Testing Processes
4 6 Opinions of Penetration Testers on Generative AI Use
5 Methodology
5 1 Research Methods and Approaches
5 2 Benchmarks Used for Evaluation
6 Concept and Implementation
6 1 Limitations of LLMs
6 2 Deciding Which LLM Models to Use
6 3 Identifying and Executing Tasks with LLMs
6 4 Tailoring the LLM for Penetration Testing
6 5 Resource Requirements
7 Evaluation of LLMs for Penetration Testing
7 1 Interviews: Identifying the use of LLMs for Pentesting
7 2 Preparing the Test Environment
7 3 Evaluation of Command Generation
7 4 ChatGPT Assistant GPT
7 5 Google Gemini Advanced
7 6 Discussion of results
7 7 Answering the Research Question
7 8 Resulting Penetration Testing Workflow
8 Conclusion
|
6 |
Samhällskonsekvenser av bristande IT-säkerhetStenberg, Jan-Ola, Mujanovic, Erko, Stehn, Frank January 2012 (has links)
Antalet företag, organisationer och instanser vars IT-system utsätts för attacker ökar. Något som märks trots att det försöker mörkläggas inom många organisationer. Myndigheter som Polis och Myndigheten för samhällsskydd och beredskap samt IT-personal inom de flesta företag är alla överens om att detta är ett växande problem som måste ses över. Konsekvenser av läckage av känsliga uppgifter kan vara förödande för ett företag, myndighet eller ett helt samhälle. En hel nations demokrati kan hotas av bristande IT-säkerhet och misstro till staten. Görs det tillräckligt för att upprätthålla en säker hantering av känsliga uppgifter och säker kommunikation från alla parter i dagens IT-samhälle? Tar alla sitt ansvar för att bibehålla demokratin vi lever i? Avsätter företagsledningarna på våra svenska företag de resurser som krävs för att IT-säkerheten ska kunna hålla jämn takt med den snabba utveckling i branschen? Tar våra mindre företag sitt ansvar genom att arbeta med IT och informationssäkerhet, trots oförmågan att se sig själva som mål för en attack, eller tillhandahåller de bakdörrar som kan användas av kriminella för att komma åt större företag? / The number of companies, organizations and agencies whose IT systems are under attack increases. This is evident even though many organizations tries to hide it. Authorities like the Police, MSP and IT staff in most companies all agree that this is a growing problem that must be reviewed. The consequences of leakage of sensitive data can be devastating to a company, government agency or an entire community. An entire nation's democracy can be threatened by lack of IT security and mistrust of the state government. Is there enough to sustain the safe handling of sensitive data and secure communication of all parties in today's IT community? Does everybody take responsibility to maintain the democracy we live in? Do the managements of our Swedish companies allocate the resources needed for IT security to be able to keep pace with the rapid developments in the industry? Do our smaller businesses take responsibilities by working with IT and information security, despite the inability to see themselves as the target of an attack, or do they provide a backdoor that can be used by criminals to gain access to larger companies?
|
7 |
Hacking for peace: the case for cyber coercionKemmer, Tara A. 15 September 2021 (has links)
Are cyber capabilities a useful method for coercive diplomacy? If so, what conditions favor successful cyber coercion to produce a desired victim response? This research explores how cyber coercion can be used as a tool of statecraft to change an adversary’s behavior and examines two cases over three temporal values. Examining the two cases of North Korea versus Sony and Russia versus Estonia illustrates practical lessons about the constraints and abilities of the employment of cyber coercion as well as how victim responses operate on a spectrum and can change over time.
In examining George’s seven factors that favor coercive diplomacy and applying them to these cases, this research reveals four additional factors that ought to be included when addressing the dynamics that contribute to a victim changing their behavior in response to cyber coercion. The difference between a low-level attack (e.g. web defacement) compared with a high-level attack (e.g. paralyzing backbone servers) communicates two vastly different levels of threat to a victim and incurs extremely different costs for the victim. These technical aspects of cyber statecraft and their ramifications for cyber coercion are not covered by George’s earlier works on coercive diplomacy, as few people in the 1990s were even considering cyber as a threat landscape.
This research does not provide one generalizable theory of how to conduct cyber coercion; rather, it provides a Utilitarian theory that identifies additional factors that favor cyber coercion and contributes to a conditional generalization. Further, it introduces the idea of examining this change in behavior over time to properly assess the impact of cyber coercion on the totality of the victim’s behavior. Extending the time intervals reveals additional critical data necessary to fully analyze the nature of a cyber coercion dyad. Finally, it provides a hybrid method to attain attribution by fusing social science methodology with cybersecurity techniques. Together, this data and method serve to correct the conventional wisdom on two influential cases; this research traces the process that proves why a correction for each case is warranted; and, it shows how the choices an aggressor makes in its cyber coercive strategy can result in different outcomes for the victims.
|
8 |
Business HackingVillegas, Manuela 20 September 2021 (has links)
El business hacking como marco en la transformación empresarial tangible, medible y sontenible.
La digitalización y las altas expectativas de los consumidores están cambiando radicalmente la forma en que interactuamos, y las organizaciones que saben cómo gestionarlo tendrán éxito. El marco de business hacking tiene como objetivo hacer que la transformación sea tangible y medible, haciendo que el cambio sea sostenible y encontrando nuevas formas de optimizar la cultura y el impacto empresarial.
pasando por todo un modelo accionable de adquisiciòn y retenciòn basado en medios digitales
|
9 |
Beyond Invention: How Hackers Challenge Memory & Disrupt DeliveryLockridge, Timothy Alan 26 April 2012 (has links)
This dissertation uses a case study of 2600: The Hacker Quarterly to consider how the practices of a hacker public might be theorized as a rhetorical activity. The project is contextualized within a history of hacking (building from a narrative that centers on Levy's 1984 book Hackers) and within the arc of recent copyright legislation, specifically the Digital Millennium Copyright Act (DMCA) and the 2011-12 Stop Online Piracy Act (SOPA) debates. Within this framework, the dissertation examines how specific patterns and cases within 2600 might further our understanding of the rhetorical canons of memory and delivery and of dissent in digital spaces.
Specifically, the project presents three practices of memory at work in 2600: Aggregating, Fingerprinting, and Narrating. Drawing on the work of Collin Gifford Brooke and Mary Carruthers, among others, the dissertation examines how texts printed in 2600 present memory not as an inert technology but rather as a practice and a pedagogy—a response to the increasing commercialization of technology. The dissertation then uses Jim Porter's techne of digital delivery to analyze three specific moments in 2600's history (the 1985 U.S. Government raid on New Jersey hackers, the E911 lawsuit, and the DeCSS narrative), illustrating how our spaces of textual production have become increasingly regulated and commercialized and considering how that regulation/commercialization affects our understanding of ownership, circulation, and the public sphere.
Building on Michel de Cereteau's concept of strategies and tactics and Michael Warner's theory of (counter)publics, the dissertation ultimately argues that a history of hacker publics offers one way to reconceptualize and reintegrate theories and technologies of digital circulation into our scholarly work and curricular goals. / Ph. D.
|
10 |
How to hack Growth… : En kvalitativ studie för att bidra till förståelse av begreppet Growth Hacker Marketing samt hur det användsCadjo, Nellie, Cornéer, Clara January 2022 (has links)
Growth Hacker Marketing is a relatively new concept that has emerged as the digitalization and the development of the internet occurred. The purpose of the study is to gain an understanding of the meaning of GHM and how it is used, a concept that is widely applied in the marketing industry but not as widespread in theory. The study has been carried out with a qualitative deductive approach, which means that it is based on the investigated theories, continues to the empirical data in the terms of interviews and then lands in the analysis. The study also shows that a growth hacker that works data driven and with the help of tracking tools, achieves growth for the organization, something that is fundamental within GHM. The growth hacking funnel, which is a method within the subject, is widely used by the investigated companies, however, the explicit term is not necessarily applied. The results also show that the work process within GHM can look different depending on the specific organization and its activities, for example if the company works B2B or B2C. In summary, there are both some similarities and differences regarding the meaning of GHM between theory and empiricism, which could be due to the gap between the academic world and marketing industry.
|
Page generated in 0.1652 seconds