Category Archives: security

OWASP AppSec Conf Delhi - Day 2; and more

The pictures of Day 2 are here.
The second day consisted of 6 workshops - 3 before lunch and 3 after. I was confused on choosing between Sheeraj Shah and Mano Paul’s workshops during the first half; and Jason Li’s talk on “Web 2.0 Security” and “Secure Code Review” workshop (originally by Dinis Cruz, but conducted [...]

OWASP AppSec Conf Delhi - Day 1

Special Note: I don’t have my Canon EOS 350D with me nowadays, so I had to borrow my roommate’s Canon Powershot. The quality sucks, but still, the pictures are here.
I’ll be honest, going by the conf prices and some of the talk titles, I was expecting OWASP AppSec Delhi to be targeted mainly for [...]

SecurCamp and back.

I spent the first half of the day at SecurCamp -1 (or Security Barcamp). It’s always great to get together with the community and today was no different. It came as a sweet surprise to me that I have quite a few acquaintances in the community. The best part of the whole day, however, was getting [...]

Reviving OWASP Bangalore Chapter

The OWASP Bangalore Chapter met after almost a year today, and I was privileged to be a part of it. As happens often with technical groups, including LUGs (Linux User Groups), they tend to lose participation and go to indefinite hibernation mode. OWASP-Bangalore’s fate was no different.

Anyhoo! The important point is that we finally met [...]

SecurityCamp is here, where are you?

Update: OWASP Bangalore Chapter is meeting on 29th June, i.e. Sunday, morning at 9:00 AM at Indian Coffee House, M.G. Road, Bangalore. Join us, if you can.
I feel extremely glad to announce that Security Camp, the first security Barcamp in Bangalore (as far as I know) is on 12th of July. It’s being hosted by [...]

A new home for us :)

Link
People who know me, know that I desist Social networking portals. Don’t worry, this post isn’t another rant. It’s more of an announcement that I’ve joined a Social Network.
Yup! The guys at GNUCitizen have started a social network for hackers, and very intelligently named it House of Hackers. I’d like to call it [...]

A Phish floating in Google Survey!

Demo
1. Phizy-Phizy-Phizy
I have always loved making this phizy-phizy-phizy sound purposelessly, which I once heard in a Rob Schneider movie (which, if I remember correctly, was a pathetic movie). Anyhoo! I, now, have a set of very strong reasons to move around repeating the same lines.
First, we received a request to be involved in a [...]

What a new year Gift! :)

It brings me immense pleasure to inform you that w3af (web application attack and audit framework) has been named the Best Application Scanner in BEST IT Security and Auditing Softwares 2007 list prepared by Security Database.
I had mentioned in a few previous articles that I see immense potential in w3af. I must, however, [...]

AdSense exploited by malware (Trojan.Qhost.WU)

1. Life & Code

(The title of this section is taken from Johnny’s blog of the same name, Life and Code. Although my implementation of the phrase isn’t in terms with Johnny’s, yet I could resist using it.)
Life: Three days ago I found that there are some strange entries in my local Apache web [...]

Orkut Latest XSS Worm; and what it means for Indian Orkuteers

Update: Kishor reports a flaw in the implementation of “private” videos feature on Orkut. Although I am at office and I haven’t checked it yet myself, I believe I can trust him, based on his posts at Slackers. Nice one Kishor.

1. YAWN [Yet Another Worm, Nanny]

Orkut (Google’s MySpace and Facebook for Indian, Pakistan [...]