Pranshu Bajpai

Pranshu Bajpai (MBA, MS) is a researcher with a wide range of interests. He has authored several papers in international journals and has been consistently hired by top organizations to create technical content. He has been a technical reviewer for several books. Currently, he also does independent research for InfoSec Institute. In his free time, he enjoys listening to classic rock while blogging at
You can contact him at bajpai [dot] pranshu [at] gmail [dot] com or



Exploiting Vulnerable Systems

Exploits are specially crafted to take advantage of specific security vulnerabilities that are discovered after the vulnerability assessment phase. Exploitat

The Perils of Inadequate Key Size in Public Cryptosystems

A public-key cryptosystem is an asymmetric cryptosystem where the public key and the private key form a mathematically related key pair. The public key acts

Lessons from Deficient Java Applet-based Authentication

Java Applets are bytecodes that are delivered via the browser, and executed using the Java Virtual Machine (JVM) at the client-side. Java Applets can access

The Pitfalls of Client-Side Authentication: Solutions to Net-Force JavaScript CTF challenges

Client-side authentication is when authentication checks are performed completely at users' side. The idea is that the authentication procedures, methods, or

Defeating Conundrums: Solutions to Net-Force Internet CTF Challenges

About Net-Force Internet Challenges: These challenges require that you provide the correct passwords that are revealed to you after solving them. The challeng

Solutions to net-force cryptography CTF challenges

Cryptanalysis refers to the study of ciphers with the objective of breaking the code and obtaining plaintext (sensible) information. While older cryptosystem

Solutions to Net-Force steganography CTF challenges

Steganalysis refers to the process of locating concealed messages inside seemingly innocuous 'containers'. The idea behind steganography is embedding plainte

Wi-Fi Security: Securing Yourself against Practical Wireless Attacks

While the access points in organizations are usually under the protection of organization-wide security policies, home routers are less likely to be appropri

TrueCrypt Security: Securing Yourself against Practical TrueCrypt Attacks

The need to defend confidentiality of our sensitive information against persistently rising cyber threats has turned most of us toward using encryption on a

Antenna theory for wardriving and penetration testing

Wardriving is an activity in which a person seeks wireless access points in moving vehicles with high gain antennas mounted on the top. Usually, this access

Forensics investigation of document exfiltration involving spear phishing: The M57 Jean case

Humans are often the weakest link in the security chain. In his book The Art of Deception, renowned hacker Kevin Mitnick explains how innate human tendencies

Windows registry analysis with RegRipper – A ‘hands-on’ case study

Every analysis begins with specific goals in mind. As a forensics investigator, you are expected to know the type and importance of information you are looki