Early this year we witnessed major IT firms suffering from data breaches of one kind or another, and they have come out in the open about the breaches, as well. A couple of examples are Apple and Twitter. It’s going to be costly if the enterprises play according to the old book of rules—develop and… Read More »
An enterprise invests considerable amount of time in its day to day scanning and managing patched for the infrastructure. But, an enterprise psychological analysis shows us otherwise i.e. most of the enterprises shy away from scanning and patching their business critical infrastructure in a fear of interrupting their already established critical applications. Another side of… Read More »
WebView is an essential component in Android and iOS. It enables applications to display content from on-line resources. It simplifies task of performing a network request, parsing the data and rendering it. WebView uses a number of APIs which can interact with the web contents inside WebView. In the current paper, Cross-site scripting attacks or… Read More »
Within few days of its launch, Apple iPhone 5S has faced the wrath of hackers from Germany. The chaos computer club were quoted saying: “Biometrics are not safe” who provided video showing how they could use a fake fingerprint to bypass phone’s security lock screen. See this Youtube video which demonstrates the Hack. http://www.youtube.com/watch?v=HM8b8d8kSNQ “…. fingerprint… Read More »
In this post, we cover some brutal tips to become a successful pentester! First, Get your basics right! Are you already a great system administrator who understands the nuances of many operating systems, or a professional developer who has a deep background in one or more languages? – If yes, this is a huge advantage.… Read More »
Dr. Daniel Singh has sent his presentation to us about HoneyPots. Dr Daniel Singh is a CISO at Technogeeks, A security researcher, evangelist, Certified Ethical Hacker and a ECSA himself. He has also presented papers at International conferences and in the Indian scene he has been an active participant at the DEFCON Bangalore (DC9180) meet.… Read More »
Echo Mirage is a generic network proxy. It uses DLL injection and function hooking techniques to redirect network related function calls so that data transmitted and received by local applications can be observed and modified which can’t be performed by wireshark. To see inside encrypted channels, we can use tools like echo mirage. This tool… Read More »
This post deals about Exploit Research and development. The content for this post is designed by Ajin Abraham. Ajin Abraham is the founder of Xenotix XSS framework. He is an active OWASP member and an active security enthusiast in the Indian security scene. He has presented various papers at Blackhat, DEFCON Bangalore Meet (DCG 9180)… Read More »
The following post explains about basics of exploit writing for beginners by Sabari Selvan of E-hacking news. Sabari Selvan is an Information Security Researcher who has more interest in PenTesting and Malware analysis. – See more at: http://www.ehackingnews.com The post explains the following: a) What is exploit writing b) Impact of exploits c) Introduction to… Read More »
An interesting presentation uncovering the deep web by Mr. Nikhil Kulkarni a.k.a Intrud3r. In his free time, he hunts for bugs, bounties, and penetrates web applications for fun and profit. This paper was presented at DC9180 – DEFCON Bangalore Meet 2013. If you want to know all about TOR – The Onion Router Have a… Read More »
Join the mailing list
Check your email and confirm the subscription
