
Hacking
Hacking web authentication - part one
Authentication is the process of validating something as authentic. When a client makes a request to a web server to access a resource, sometimes the web

Secure coding
iOS application security part 47 — Inspecting apps with Frida
In this article, we will talk about Frida. Frida is a dynamic instrumentation toolkit which can prove to be extremely useful in iOS application assessments.

Hacking
DNS hacking (beginner to advanced)
DNS is a naming system for computers that converts human-readable domain names (e.g. infosecinstitute.com) into computer-readable IP addresses. However, some

Secure coding
Developing Secure Java Code - Best Practices for a Team
This whitepaper introduces the basic practices to follow when writing secure Java code. The following topics are touched on: general cod

Application security
Enhancements in Damn Vulnerable iOS app version 2.0
In this article, I would like to give a quick walkthrough of the new vulnerabilities and challenges that we have added in version 2.0 of Damn Vulnerable iOS

Application security
Bypassing Jailbreak Detection Using Xcon
In this small article, we will look at a very handy utility named Xcon for bypassing jailbreak detection. As per the wiki page ... xCon is a collaborative

Secure coding
iOS Application Security Part 42 - LLDB Usage continued
In this article, we will look at some of the most important commands in LLDB to debug applications. If you have been following this blog series, you would ha

Application security
iOS Application Security Part 41 - Debugging applications using LLDB
In this article we will learn about the LLDB debugger used by Apple's Xcode for debugging applications, understand why it is better for security testing, and

Application security
iOS Application Security Part 40 - Testing apps on your Mac
In this article, we will discuss the extent to which you can test applications on your Mac rather than the device. This could be useful for many reasons, som

Application security
Android Application hacking with Insecure Bank Part 4
In this article, we will look at a very handy framework for analysis of Android applications named Drozer. Drozer is a very useful tool as it eliminates the

Application security
Android Application hacking with Insecure Bank - Part 3
In this article, we will look at attacking components in Android applications, starting with activities. But first, it is essential to understand what Androi