SecNiche Security Labs Driving Element of Innocuous Minds.

Optimized Derivative of Complex Security

We stick to basics in order to understand the artifacts of computer security. We respect the researchers and hackers who work diligently to support community at par. We believe in deciphering the hidden elements of security.



HOME



[August 2011] Dissecting Java ServerFaces for Penetration Testing

Paper


[July 2011] Declarative Security - Browsers (Project)

Project


[July 2011] Design Flaws in IP Surveillance Cameras - Exploiting Web Interfaces

Cigital - Paper


[July, 2011]Digging Inside VxWorks (Research Paper)

Project


[June 2011] ToorCon Hacking Conference - Browser Exploit Packs - Exploitation Tactics

Presentation


[June 2011] Source Security Conference - Art Of InfoJacking (Network Device Hidden Devices)

CIGITAL - Presentation | CIGITAL - Blog


[2010] Advisories and Recommendations

ORACLE Website

Inherent redirection vulnerability has been notified to Oracle security team which can be used to spread malware. Oracle Security team verified the issue and working on the patch.

CVE-2010-2404 : Persistent Cross Site Scripting Vulnerability in Oracle I-Recruitment File Uploading Module- E-Business Suit
CVE-2010-3684 : Synology Disk Station Script Insertion and Remote Command Execution Vulnerability
CVE-2010-3200 : Microsoft MS Word MSO Null Pointer Dereference DoS Vulnerability

Check Point Website

Website security issues have been notified to Checkpoint security team . Thanks to CheckPoint Security team for correcting the issue.


[August, 2010]Malware Research at Stake - New Project (Analysis straight from the hidden and underground)

Malware Research Blog


[January, 2009] SCMagazine Interview regarding Google Chrome Clickjacking

Google Chrome 1.0.154.43 ClickJacking Vulnerability.
About Interview and SC Magazine Article
http://zeroknock.blogspot.com/2009/02/more-towards-clickjacking-simulating.html

Other News

http://www.eweek.com/c/a/Security/From-Internet-Explorer-8-to-Google-Chrome-an-Eye-on-Clickjacking/
http://www.scmagazineus.com/Google-working-on-fix-for-clickjacking-vulnerability-in-Chrome/article/126658/
http://news.zdnet.co.uk/security/0,1000000189,39605988,00.htm
http://news.cnet.com/8301-1009_3-10152438-83.html
http://rcpmag.com/news/article.aspx?editorialsid=10563
http://www.heise-online.co.uk/security/Popular-browsers-continue-to-be-vulnerable-to-clickjacking-attacks-Updated--/news/112518