877.791.9571 |

About the Author:

Ajay Yadav is an author, Cyber Security Specialist, SME, Software Engineer, and System Programmer with more than eight years of work experience. He earned a Master and Bachelor Degree in Computer Science, along with abundant premier professional certifications. For several years, he has been researching Reverse Engineering, Secure Source Coding, Advance Software Debugging, Vulnerability Assessment, System Programming and Exploit Development. He is a regular contributor to programming journal and assistance developer community with blogs, research articles, tutorials, training material and books on sophisticated technology. His spare time activity includes tourism, movies and meditation. He can be reached at om.ajay007[at]gmail[dot]com
buffer04232014

Buffer Overflow Attack & Defense

Abstract

This paper attempts to explain one of the critical buffer overflow vulnerabilities and its detection approaches that check the referenced buffers at run time, moreover suggesting other protection mechanics […]

csharp-core-04012013

Invoking Assembly Code in C#

Abstract

This article explains the techniques of inline Assembly programming by linking or invoking the CPU-dependent Native Assembly 32-bit code to C#.NET managed code. The .NET framework in fact doesn’t […]

visual-studio-2010-03072013

Assembly Programming with Visual Studio.NET

MASM is maintained by Microsoft and is an x86 assembler that consumes Windows and Intel syntax to produce a COFF executable. It is compatible for both 16 bit and […]

asp-dot-net-04112014

ASP.NET Website Optimization

Writing optimized website code is considered to be one the most complicated tasks. Hence, this paper explores amazing server side configuration techniques and various improvements to boost-up your ASP.NET […]

pentest04102014

.NET Penetration Testing: Test Case Cheat Sheet

Having a cheat sheet is a perfect starting initiative to assist you in generating ideas while penetration testing. A test case cheat sheet is often asked for in security […]

SessFixBug04022014

Hunting Session Fixation Bugs

Improper handling of session variables in asp.NET websites is considered a serious threat and opens various doors to malicious hackers. For instance, a session variable could be manipulated in […]

ExploitInfoDisclose03262014

Exploiting by Information Disclosure, Part 1

Information disclosure is considered to be a serious threat, wherein an application reveals too much sensitive information, such as mechanical details of the environment, web application, or user-specific data. […]

SecuringURL02212014

Vulnerable Encoded URL

This paper especially pinpoints the poor practice of cryptography in URL, which is typically implemented to encrypt sensitive data residing in the website URL in the form of a […]

SSL-02052013

Applied SSL in Dot NET – Volume 2 –Installation, Testing

The first volume of this series addressed the hypothesis of the secure socket layer (SSL) in the context of .NET based websites. We have obtained a thorough understanding about […]

SSLinDotNET03052014

SSL in Dot NET – Volume 1 – Hypothesis

Abstract

Typically, Internet banking and e-commerce websites are considered to be highly secure, with web mechanisms that implement more foolproof solutions for user authentication, such as client-side digital certificates rather […]

Champu02182014

Reverse Engineering with Reflector

Abstract

We have already got the taste of reverse engineering with Reflector in the previous paper. It was basically a kick-start about this dissembling tool in terms of presenting its […]

ReverseIDA02172014

Applied Reverse Engineering with IDA Pro

This editorial is committed to subverting the essential security restriction mechanisms of a native binary executable by employing the IDA Pro Dissembler. This paper is basically elaborating a very […]

inject02142014

Injecting Spyware in an EXE (Code Injection)

Implanting malicious code in the form of spyware to an existing running process is one of the more sophisticated tasks. Before the advent of disassembler or patching tools, the […]

CompilerDev02072014

C# Compiler Development

Introduction

This article elaborates the complete life cycle of making a custom interactive C# compiler, much like one of an existing CSC.exe. It is hard to imagine such a custom […]

javaBytecode01312014

Java Bytecode Reverse Engineering

Abstract

This article is especially designed to show how to crack a Java executable by disassembling the corresponding bytes code. Disassembling of Java bytecode is the act of transforming Java […]

DLLinjector01162014

Disassembler Mechanized Part 4: DLL Injector Development

Introduction

We have already presented a couple of papers on modifying binaries through IDA Pro and OllyDbg disassembler, where we added functionality to an executable by modifying the code directly, […]

CodeInjection01162014

Disassembler Mechanized Part 3: Code Injection Operation

Introduction

This article is a continuation of the previous effort of writing the “Disassembler-Mechanized” series, in which we are showing the process of developing special software which disassembles source code […]

disassembler01152014

Disassembler Mechanized Part 2: Generating C# and MSIL code

Introduction

In the previous papers, we have showcased the essential configuration in terms of external DLL importing into the solution and NuGet package installation. As we have stated earlier, the […]

Dis-Mech01032014

Disassembler Mechanized: Part 1 – Coding of Disassembler

We have practiced much disassembling by using assembly de-compilation tools such as Reflector, ILSpy, etc. Although such tools offer many advantages and are in widespread use among crackers, security […]

metasploit-01

The Mechanics of Metasploit

Metasploit is exquisitely prevalent amongst penetration testers and especially hackers because it makes it very easy to develop and launch exploits for software vulnerabilities. This paper exclusively demonstrates how […]