Hacking web authentication – part one
Authentication is the process of validating something as authentic. When a client makes a request to a web server for accessing a resource, sometimes the web...
Prateek Gianchandani
Prateek Gianchandani, a recent IIT graduate, has interests in the field of Penetration Testing, Web Application Security and Intrusion Detection. He is currently a researcher for InfoSec Institute. In the past he has worked for security-based startups.
You can contact him at prateek.searchingeye@gmail.com and on twitter @prateekg147 or you can visit his personal website at highaltitudehacks.com
iOS application security part 47 — Inspecting apps with Frida
In this article, we will talk about Frida. Frida is a dynamic instrumentation toolkit which can prove to be extremely useful in iOS application assessments....
DNS hacking (beginner to advanced)
DNS is a naming system for computers that converts human-readable domain names e.g. (infosecinstitute.com) into computer-readable IP-addresses. However, some...
App Transport Security
One of the most common misconfiguration issues that I find during testing iOS apps is the bypass of the App Transport Security feature introduced by Apple in...
Developing Secure Java Code – Best Practices for a Team
The following whitepaper shall introduce to us the basic practices to be followed to write secure Java code. The following topics are touched on- general...
Top PHP Secure Coding Practices for a Team
This whitepaper will discuss basic PHP secure coding practices that should be followed when working in a team environment. In this paper you will learn how...
Enhancements in Damn Vulnerable iOS app version 2.0
In this article, I would like to give a quick walkthrough of the new vulnerabilities and challenges that we have added in version 2.0 of Damn Vulnerable iOS...
Bypassing Jailbreak Detection Using Xcon
In this small article, we will look at a very handful utility named Xcon for bypassing Jailbreak detection. As per the wiki page ...
xCon is a collaborative...
FAT binaries & LLDB usage continued
In this article, we will talk about FAT binaries and see more usage of LLDB.
Fat binaries are single binaries that are compiled for different architectures....
iOS Application Security Part 42 – LLDB Usage continued
In this article, we will look at some of the most important commands in LLDB to debug applications.
If you have been following this blog series, you would have...