About the Author:

Ninj@S3c is a Security Analyst with a leading MNC. He is predominantly focused on Application Security, Network Security and Wireless Security. Beyond this, he’s interested in Reverse Engineering and Forensics.

Exploiting Heartbleed

This article explains the Heartbleed bug and shows how it can be exploited.

Overview

Heartbleed is a flaw in OpenSSL's implementation of the Heartbeat extension. It is just an extension of […]

Reversing Firmware Part 1

The article will explore various strategies for reversing firmware, with some examples. Finally, some best practices are mentioned.

Embedded Systems and Firmware

Embedded systems are everywhere, in mobiles, cameras, TVs, smart […]

Ajax Security Issues

This article explores the major security issues we come across during assessments of Ajax-based applications.

AJAX:
Ajax or ‘Asynchronous JavaScript and XML’ is a relatively new and dynamic technology […]

Linux and Disk Forensics

Introduction:

A digital forensic investigation generally consists of five major steps:

Identification

Data Acquisition

Data Recovery

Analysis

Reporting

A brief about various Linux tools available:

There are multiple Linux tools used for imaging and […]

Before You Move to the Cloud

What is the cloud, anyways?

The term is new, but the concept is not. Throughout the history of computing, IT organizations have been using their own infrastructure to host applications, data, […]

Chaining Web Proxies to overcome limitations

This article shows a practical example of proxy chaining in a web proxy tool and how proxy chaining can be used to overcome limitations of web proxy […]

Unpacking, Reversing, Patching

This article is an introduction to packing, how to unpack and reverse an exe, and finally how to patch it. I have chosen to show reversing of a sample exe file […]

Secure Code Review: A Practical Approach

This article is about different code review techniques and their application in the real world.

What you will learn:

What is secure code review and how to deal with them in […]

Android Application Assessment

In this article, we’ll discuss the steps involved in performing a security assessment of an Android-based application. We will see the use of various tools and methodologies and […]

Arbitrary File Download: Breaking into the system

What you will learn:

Introduction to Arbitrary File Download

Difference between Arbitrary File Download and LFI/RFI

How it is exploited: a real example

Countermeasures

What you should know:

Basic Web related concepts

What is Arbitrary […]