Technical

A story of forgotten disclosure and DOM XSS

This post is about a vulnerability disclosure around DOM XSS which was forgotten somewhere during the process. I encountered it recently and then went on my way to get it fixed. This post outlines various learnings and observations I made during this effort.

DroidCAT – Android Application collection for Security professionals

After a gap of 1 month, finally releasing the droidcat application. The DroidCAT application is developed as part of the HaXdroiD project, which is right now in closed tested status. Let's talk about DroidCat today. What is Cat-Droid? DroidCat is inspired by firecat and aims to be a one stop solution to finding all ethical hacking / …


Whitepaper : Security Issues in Android Custom ROM's

Today I am releasing the paper which I presented recently at the C0C0N conference at Ernakulam. This paper outlines where security misconfiguration can lead to device compromise, data theft and so on. Hope this helps in secure development and deployment of custom ROM’s. http://anantshri.info/articles/android_cust_rom_security.html The link contains download for both my slidepack as well as …


White Paper : Web Application Finger Printing : Methods/Techniques and Prevention

Today I am presenting my work of the past few days in the form of a white paper. This white paper basically outlines the automated finger printing methods, techniques and ideas for preventing automated methods from working on your site. BTW those who are having wappalyzer on their browsers just enjoy visiting my Joomla Powered Website. 😀 …


Database protection Techniques : a different perspective

Tips for Db Security. Disclaimer: This post keeps in mind the web frontend and web application based attacks on DB servers. Any user ID used for web application connectivity should be clipped to specific IP addresses; that could be localhost in case of same server usage for Db and App server. If two …

