# SecNiche Security Group #

[R] Premature Optimized

! navigation

  • :: Home
  • :: Projects
  • :: Events
  • :: Whitepapers
  • :: Publications
  • :: Advisories
  • :: Tools
  • :: News
  • :: Contact

    • !Blog

    ! Jabbers

    ! About

    Usenix ;login : Hakin9 - Papers Written and Published.



    [Hakin9 Edition] Insecurities in Implementing RSS Feeds - Hacking RSS

    This paper sheds light on the insecure coding practices that affect RSS based web applications and also on their flexibility. The advent of Web 2.0 has enhanced the mobility of content. The inclusion of content has become the sole basis for the inter-working of websites.RSS feeds are used extensively. This serves as an interdependent working platform. But during penetration testing sessions, PHP based RSS applications show vulnerable behavior due to insecure coding. As a result of this, web application robustness is affected



    [Hakin9 Edition] Breaking in Malware Addons.

    This paper covers the working functionality of Malware Add-ons. The add-ons are called Application Extension programs that enhance the functionality of a program. The web browsers use a number of Add-ons as browser helper objects. The transformations in technology have increased the incidence of Malwares.



    [Usenix ;login] - Hacking 802.11 Protocol Insecurities.

    Security and Privacy are two critical entities of any communication protocol. Security itself is a prerequisite for robust implementation of networks. In this article,I dissect the 802.11 [1] protocol attacks possible because of persistent problems in wireless networks. Before going into the attack patterns against the protocol, I will briefly describe how 802.11 works by splitting frames into functional objects.



    [Hakin9 Edition] Reverse Engineering Binaries.

    This paper describes a Level 2 practical analysis of a window binary. It covers the methodical approach to reverse engineer an executable. The binary can be a console program or GUI based. The point of this talk is to understand a hierarchical layout to reverse an application within specific time limits.


    [Usenix ;login] Insecurities in Designing XML Digital Signatures.

    This article encompasses the practical problems in designing XML signatures through the use of APIs. XML signatures are used to provide security to data of any kind whether XML or binary. The confidentiality, integrity, and authenticity of the message has to be preserved when designing a SOAP request for communication. XML API functionality is very versatile but at the same time protection measures have to be included to prevent loss of data..


    [Hakin9 Edition] Demystifying Windows PE Caveats.

    The use of reverse engineering is very useful in application testing. The article will take you from peripheral concepts to the core of applied methods to govern the reverse analysis of windows executable. This sets a realm to reverse engineer an application based on the dynamic code execution. Basically,learning to traverse objects in a program is the prime aim of this article.


    [Hakin9 Edition] Zmbscap : Anti DDos Leaflet.

    The network is full of complexities. I think we can hardly find any network which is free from attack jargon. The network is not monotonous in its context but rather segregated into complex objects. These objects get exploited in every sense. Why? Because the cold war of attacks and prevention is on the way. Attackers or Worm writers do everything to own a box. The networks always get swamped.







    © 2008 SecNiche Security Group