877.791.9571 |

Monthly Archives: April 2013

Google Hacking: The hidden face of Google

No need for an introduction, Google is quite possibly the more powerful search engine used today, even used sometimes to check our connectivity; except that the power of the single search bar on the top of Google has become a source of concern for many, and if not they […]

Stack analysis with GDB

1. Introduction

This article describes the stack. GDB is used to analyze its memory. One needs to know this subject to play with low-level security.

Environment: x86, Linux, GCC, GDB.

2. Registers

The following registers are mentioned in the article:

ESP (points to the top of the stack)
EBP (is used as a reference when […]

The Import Directory: Part 2

You can take a look at the previous article before reading this one. If you already understand the basics of IAT table, then you can skip the first article, but otherwise you should read that before continuing below.

Presenting the Example Import Directory

Let’s use the !dh command to dump the PE […]

GhostNet – Part II

Behind the GhostNet notion stands an entire international worldwide network of infected computers belonging to places having high political, economic, media, or emblematic importance. One result among many in the IWM investigation concludes that sensitive documents are being removed. Atypical for a conventional cybercrime operation, the size of the […]

  • IOS-app-security
    Permalink Gallery

    IOS Application security Part 1 – Setting up a mobile pentesting platform

IOS Application security Part 1 – Setting up a mobile pentesting platform

Introduction

In this article series, we will be learning about the tools and techniques required to perform penetration testing and Vulnerability assessment on IOS Applications.

Jailbreaking your device

If you are serious about IOS security, then having a jailbroken device is a must. In this section, we will look at how we […]

Windows Authentication: Dot NET Security Part 2

Introduction

The .NET framework caters to different types of authentication mechanisms to use within your applications – —including basic authentication, digest authentication, forms authentication, Passport, and Integrated Windows authentication. You also can develop your own custom authentication mechanisms; for instance, Windows authentication that matches web users to Windows user accounts […]

Botnets and Cybercrime – Botnets hunting – Part 3

Botnets and cybercrime – Introduction can be found here
Botnets, how do they work? Architectures and case studies – Part 2 can be found here
Introduction
Security experts use several key technologies to combat botnets, according to Group-IB’s Head of international projects, CERT-GIB CTO, Andrei Komarov. One of the leading companies in […]

  • Voice Phishing
    Permalink Gallery

    Phishing Techniques: Similarities, Differences, and Trends: Part III: Vishing

Phishing Techniques: Similarities, Differences, and Trends: Part III: Vishing

For Part I, which discusses Mass Phishing and which sets the objects of examination in this paper, please check here.

For Part II, which discusses Targeted Phishing, please check here.

Vishing

Vishing (Voice phishing) is a type of phishing —a social engineering technique, whereby the scammer is not aiming to collect the […]

GhostNet – Part I

Introduction

Several years after the revelation of GhostNet, a massive case of cyber exploitation directed mostly against the Tibetan community, in terms of originality, this contribution appears as an interesting survey of the events happened pre and post that period.

In GhostNet part I, the reader can learn more about the […]

The Import Directory: Part 1

We know that when the operating system loads the executable, it will scan through its IAT table to locate the DLLs and functions the executable is using. This is done because the OS must map the required DLLs into the executable’s address space.

To be more precise, IAT is the […]

Cracked Web Applications Leak Credentials and Data

If you’ve been paying attention to vulnerabilities in web applications, you’ve certainly heard of attacks involving SQL injections, cross-site scripting, and poor session management. Thanks to the efforts of groups like OWASP (http://www.owasp.org), many responsible software vendors and open source project leaders now treat these types of vulnerabilities seriously, […]

Running Metasploitable2 on VirtualBox

Background:

Metasploitable is a Linux-based vulnerable virtual machine. It is designed especially for people interested in learning system exploitation. Rapid7 maintains Metasploitable and this virtual machine is downloadable from their website. I’d played around with the 1st version of Metasploitable, but did not have much idea about the second version. […]

By |April 23rd, 2013|Hacking|3 Comments
  • Botnets and cybercrime – Introduction
    Permalink Gallery

    Botnets, how do they work? Architectures and case studies – Part 2

Botnets, how do they work? Architectures and case studies – Part 2

In the first part of this of this mini-series on the botnet cyber threat, we have shown the current scenario and the technological evolution in security landscape. Malicious architectures are increasingly becoming one of the principal problems for security experts. Click here to see previous article.

Various researches conducted by […]

Snort Rule Writing for the IT Professional: Part 3

Welcome back to my continuing series of articles on Snort rule writing.

My first couple of installments in this series addressed some very simple rules in order to lay down a conceptual framework for the development of more complex rules. See Part 1 and Part 2.

In this article, we will […]

Software Patent Law: EU, New Zealand, and the US compared

1. Introduction

A patent is defined as an exclusive right or rights provided by a government to an inventor for a certain period of time in exchange for the public disclosure of an invention. A software patent is a patent for an invention involving software. The extent to which software […]

  • Permalink Gallery

    Massive Vulnerability CVE-2013-0027 Owns/Strikes Internet Explorer 6 to 10

Massive Vulnerability CVE-2013-0027 Owns/Strikes Internet Explorer 6 to 10

The recent major vulnerability CVE-2013-0027 flooded almost all versions of Microsoft Internet Explorer and affected operating systems like Windows XP, Vista, 7, and 8, including all the major server versions too. Some thirteen privately reported vulnerabilities were recently resolved in a security bulletin by Microsoft.

The vulnerability, now marked as […]

The Export Directory

Simple Example of Export Directory

Let’s take a look at a simple example to understand how the export directory is used by the executables/libraries. Let’s suppose that we’re dealing with a .dll library that has 10 exported functions, so the NumberOfFunctions=10. It has 5 names, so the NumberOfNames=5. Because it […]

Phishing and Social Engineering Techniques

Internet usage is growing dramatically, but the vast majority of internet users don’t have any security backgrounds. Neither do a large majority of companies care about information security and the severity of any attack that could harm the valuable assets of these companies. They don’t give their employees security […]

Android Forensics

The article tries to cover various Android forensic techniques that can be helpful in a variety of situations. The techniques or discussions below can be either logical or physical. However, we will try to stick mostly to logical techniques. By the word ‘logical,’ the technique would mostly involve accessing […]

By |April 17th, 2013|Forensics|9 Comments

.NET Framework CLR: Common Language Runtime

Introduction

The point of this article is to lay down the conceptual groundwork of numerous .NET related topics such as CLR, CTS, CLS, Managed Code, JIT Compilation, Security, Assemblies and Reflection. You will also understand the relationship between various aspect of .NET framework, such as Common Type System (CTS) and […]