Social Icons

Showing posts with label null – The Open Security Community. Show all posts
Showing posts with label null – The Open Security Community. Show all posts

Tuesday, December 22, 2015

NULL MEET - OWASP : HARDWARE TROJANS

1.    null is India's largest open security community. It is registered as a non-profit society in 2010 and has been active since even before that. null is about spreading information security awareness. Activites such as null Monthly Meets, null Humla, null Bachaav, null Puliya, null Job Portal are for the overall cause of spreading awareness on the evolving cyber threat.


2.  In my continued association with the community I had recently given a presentation on Hardware Trojans which is shared below for info.

Tuesday, July 30, 2013

NULL MEET: Open Source Security Testing & OSSTMM

1.    NULL,Delhi chapter organised this wonderful meet with the OSSTMM Guys incl  Joerg Simon and Fabian Affolter...well...at the time of registration I never knew what's OSSTMM but then we have google to answer that and after reading about OSSTMM....its a great way to broaden your horizons of security domain....It stands for "Open Source Security Testing Methodology Manual" ie OSSTMM...few pics from the meet



2.    More about OSSTMM at the following links :

www.osstmm.org/
https://www.facebook.com/OSSTMM


3.    Thanks to the delhi NULL chapter moderators Sandeep and Vaibhav for arranging the meet and great interaction....




Saturday, April 27, 2013

Cloud Forensics:The State as on Date

1.   Cloud Forensics per se has got two powerful terms of today's buzzing IT World..... that's Cloud and Forensics...when traditional computing methods of forensics are still to mature...Cloud itself has a long way to go before the final matured model comes up...this combination actually refers to the world of CLOUD FORENSICS. NIST defines it as follows :

"Cloud forensics is the application of digital forensics science in cloud computing environments. Technically, it consists of a hybrid forensic approach (e.g., remote, virtual, network, live, large-scale, thin-client, thick-client) towards the generation of digital evidence. Organizationally, it involves interactions among cloud actors (i.e.,cloud provider, cloud consumer, cloud broker, cloud carrier, cloud auditor) for the purpose of facilitating both internal and external investigations. Legally it often implies multi-jurisdictional and multi-tenant situations."

2.   Today at NULLs meet,I got an opportunity to give this presentation on Cloud Forensics....the copy is shown below :


3. About NULL...please read about the community at their website at http://null.co.in/. The team is doing a great job for buzzing IT professionals,students,geeks,script kiddies(like me!!! :-). NULL boasts of an active security community where monthly meets and regular security awareness camps in various Institutions and Organizations are held. Basically a bunch of security phreaks who like to share their technical expertise and hacking skills with each other and spread awareness among the common people about the good, the bad and the ugly side of computers and technology. They believe that sharing the right technical knowledge leads to expertise and innovation.I joined them about 4 months back and have learned a lot in few meets that I attended!!!!!

Sunday, March 24, 2013

Twitter Session Cookie Vulnerability

1.    This one is pretty easy to show and understand..but the only thing not understandable is the fact that it actually exists even today.....so this one is about Twitter Session Cookie Vulnerability.I got to know of this at Null's delhi meet where Rishi Narang (http://www.wtfuzz.com/ )gave this demonstration of which I made a video cast subsequently and uploaded it here at your tube.


2.    In brief it goes like this...u login into your twitter account,an auth_token cookie is generated in the crowd  of various other cookies.Now this cookie only will be able to log you in your twitter account from anywhere across the web....simply watch how to exploit!!!!

3.   Thanks Rishi Narang @ http://www.wtfuzz.com/
Powered By Blogger