MyLife : Hack : Yahoo Open HackDay 2011


Open Hack India 2011

This was my first time attending Yahoo Open Hack Day. The event is all fun and a quick way to get hacking on the Yahoo APIs.

I specifically focused on one API, YQL, which basically claims to do the following:


select * from internet

Now that raises an eyebrow. In simpler terms, this is what we can call a content scraper's dream: we get no fewer than 1000+ data tables, which allow us to interact with various websites using well-known SQL standards.

Here we can keep adding more and more tables if needed; otherwise we can always fall back to generic tables like

select * from rss where url="http://blog.anantshri.info/feed/"

The thing I liked the most is that they have given direct access in the form of the YQL console, which you can check out at the following link:

http://developer.yahoo.com/yql/console/

I have been trying my luck at brewing something for myself, and a long-lasting itch came back to me, so I thought, let's try solving the itch here.

So my hack for Open Hack Day 2011 was MyLife: a social content feed aggregation widget.

Basically, what I am doing is listed here in the simplest terms.

1) Take a simple user ID/username from users for various social networking sites.

2) Create a unified feed based on user inputs.

3) Provide a widget (HTML/JS) and PHP code to be used on a site based on the user's need.

So here is the hosted version of the hack:

http://anantshri.info/openhack/mylife/

Note: YQL has a rate limit and hence will only be able to fetch content 10000 times a day. So if you do find output missing, then it's good news for me: basically my site has crossed 10000 users.

White Paper : Web Application Finger Printing : Methods/Techniques and Prevention


Today I am presenting my work of the past few days in the form of a white paper.

This white paper basically outlines automated fingerprinting methods and techniques, and ideas for preventing automated methods from working on your site.

BTW, those who have Wappalyzer in their browsers, just enjoy visiting my Joomla-powered website. :D

Here is the link to the HTML version of the paper, which also includes the PDF version for download.
Web Application finger printing : Methods/Techniques and Prevention
Waiting to hear from the fellows (I am expecting rebuke, criticism, and a bit of appreciation if it's worth it).

Chrome Extensions for Security Professionals


In recent days we have seen a phenomenal increase in usage of the Google Chrome browser; however, security professionals are still looking at Firefox for their day-to-day usage. The basic reason behind it is the large set of Firefox extensions backing it up; we also have custom builds like OWASP Mantra doing the rounds.

So for those who love using Google Chrome and still miss the large plugin base, here is a list of must-have plugins for security professionals.

Note: Usage could be both offensive and defensive; it's up to the user to decide. The content here is for informational purposes only.

CAUTION : LONG POST …. continue below only if you can give time coz this post is large.
