ReactOS – Built on Windows NT architecture

People of India, government and corporates may start testing the alpha version of ReactOS, which is built on the Windows NT architecture and can run almost any Windows binary file. It could be a replacement for Microsoft Windows in the long run. Let the researchers in India start using this. CSPF is certifying ReactOS after extensively using it for last six… Read More »

Netbanking Security Presentation

Netbanking in Indian banks has various issues. There are issues where there is no server-side validation, and there are issues relating to keyloggers/trojans like Zeus which can compromise OTP. Are banks doing enough? This is a presentation done by one of the researchers in India. All netbanking users are advised to secure their PC with a.… Read More »

Program to Block all Removable Drives/CDROM in Network

The toughest job for a CISO, an IT manager or even an end user is to protect the data on their computer. The main programs used to do this are antivirus, patch management, firewall and DLP. DLP has been one of the major requirements for corporates. Only a few major vendors like Symantec, Comodo have good DLP solutions which are often… Read More »

Antivirus Tests for Indian Environment

Most international tests are useless when it comes to antivirus for Indian computers. Most Indian computers are pre-infected. We have conducted a few tests with samples which verify if a product is good. We found only Avast and Eset NOD32 to be the best antivirus products suited for the Indian environment. Eset NOD32 test Results:… Read More »

Linux x86 Reverse Engineering

Most Windows as well as Linux based programs contain bugs, security holes and/or errors. These bugs or errors in a program can be exploited in order to crash the program or make the system do unwanted things. An exploit usually attacks the program through memory corruption, segmentation dump, format string, buffer overflow or something else.… Read More »

Recover Gmail password Vulnerability

Oren Hafif, a security researcher, discovered a major workflow-related bug in Gmail account recovery allowing users to hijack any given Gmail account. He points out that GMAIL stands for Global Main Authentication and Identification Library. This is a type of password reset vulnerability; in the hacking process the attacker has to send an email… Read More »

HTTP Request Hijacking for iOS

Researchers from Skycure have revealed an interesting vulnerability which we tried out in our labs. This vulnerability has the potential to hijack a number of apps on the iOS platform. The attack is a variant of the man-in-the-middle attack. If an app is used on an insecure Wi-Fi network, an attacker can intercept requests… Read More »

Security Testing for the QA

As a professional QA engineer, it is part and parcel of one’s day-to-day life to test the limits of the application in terms of functional and non-functional requirements. This tutorial focuses on understanding and implementing security testing methodologies in your day-to-day testing so that the most common security threats and vulnerabilities… Read More »