877.791.9571 |

About the Author:

Karthik is a cyber security researcher at Infosec Institute and works for Cyber Security and Privacy Foundation (a non-profit organization) as a researcher, in India. He finds deep interest in Information security as a whole, and is particularly interested in VA/PT and serving to the cause for Nation's Security.
APT-10302013

What We Learned from APTs in the Current Year

Early this year we witnessed major IT firms suffering from data breaches of one kind or another, and they have come out in the open about the breaches, as […]

securosis09262013

Enterprise Security Management

An enterprise invests considerable amount of time in its day to day scanning and managing patched for the infrastructure. But, an enterprise psychological analysis shows us otherwise i.e. most […]

MobileDevice-07252013

The Mobile Device Management Saga: An SIEM (Security Information Event Management) perspective

Wikipedia defines Mobile Device Management (MDM) solutions as solutions that secure, monitors and supports mobile devices, deployed across various Mobile service providers and operators. This domain of technology sweeps […]

maze-06252013

Cracking the Maze of Advanced Persistent Threats!

Advanced Persistent Threats, as the name suggests, are advanced, persistent and deadly in their nature. The ghost of APTs can affect any organization at any moment of time. Security […]

attack-defend

Advanced Persistent Threats – Attack and Defense

Advanced Persistent Threats (APT) was originally coined while nations were involved in cyber-espionage. These techniques are used by cyber-criminals to steal data for monetary gains. Unlike other threats, these […]

L7Analysis

L-7 Protocol analysis

Traditional intrusion detection systems have always relied on protocol specific analysers to extract the context of the traffic stream. Basically, an intrusion detection system checks for the pattern of […]

Google Hacking

Google Hacking – For fun and profit – I

Google has been used ever since its beginning to find answers for most if not all of our questions from the beginning of the universe to even finding cure […]

google-chrome03202013

Pimp my Chrome

You might be wondering about the title. Let me tell that you shall have your answer by the end of this story.

Hacking has been considered as a mysterious act […]

STRIDE-02212013

Threat Modeling – Finding defects early in the cycle

Finding a proven pattern to find defects early in your cycle saves not just money but also the time required to patch those defects. Threat modeling is a tested […]

Identity-management-02152013

Identity Management Solutions

Identity management as a platform is an emerging branch of Information security. Top vendors such as Microsoft, IBM, and Oracle have taken serious plunges into the Identity management arena. […]

Web-App-fingerprint-sized

A prototype model for web application fingerprinting: w3 scrape

,

Introduction:

Web application fingerprinting is one of the most important aspects of the information gathering phase of ethical hacking. This allows us to narrow down the criteria instead of playing […]

hammer

Eight Handy Security Tools for a Novice

Here is a compilation of a few tools that we need to be aware of. The power, the performance and the capabilities of these tools are limited only to […]

bluecomputerconcept

Quick and Dirty BurpSuite Tutorial

In this article, we are going to see another powerful framework that is used widely in pen-testing. Burp suite is an integration of various tools put together to work […]

Botnet-Image-2_wm

Sneak Peak into the Art of Exploitation

It’s a well-known saying that gathering maximum information about the enemy is half the work done in defeating him. The same holds true when you are about to attack […]

metasploit-01

System Exploitation with Metasploit

Metasploit is an exploit development framework that facilitates penetration testing of IT systems. This tool initially started off as a game and was taken over by Rapid 7 for […]

800pxus_air_force_u2_reconnaissance

Reconnaissance with Images

Gathering data on a target is extremely important if we plan to execute an attack in a more efficient manner. A typical attack scenario starts with a long reconnaissance […]

cloud-computing-diagram-small

Virtualization Security in Cloud Computing

Virtualization Security in Cloud Computing
2011 ended with the popularization of an idea: Bringing VMs (virtual machines) onto the cloud. Recent years have seen great advancements in both cloud […]