Category: White papers

Security Issues in Android Custom Rom – Whitepaper

Author: Anant Shrivastava

Android is a software stack for mobile devices such as mobile telephones and tablet computers
developed by Google Inc and the Open Handset Alliance. Android consists of a mobile operating system
based on the Linux kernel, with middleware, libraries and APIs written in C and application software
running on an application framework which includes Java-compatible libraries based on Apache
Harmony. Android uses the Dalvik virtual machine with just-in-time compilation to run compiled Java
code. – WIKIPEDIA
In Simple terms Android is the operating system behind +40% smart phones and 10-20% tablet market.
There are various manufacturers backing this OS including the likes of Samsung, Motorola, Sony
Ericsson, LG, HTC and many more.
Based on Linux kernel large part of the android source code is available in public space (except few
google specific products and honeycomb or 3.X series ). This provides the unique opportunity for one
and all to have a custom phone for him.

Web Application Finger Printing – Methods/Techniques and Prevention

Author: Anant Shrivastava

Web Application Finger Printing – Methods/Techniques and Prevention

This Paper discusses about a relatively nascent field of Web Application finger printing, how it is
performed in the current scenarios, what are the visible shortcomings in the approach and then
discussing about ways and means to avoid Web Application Finger Printing

Cracking Salted Hashes

Author: Rahul Sasi (fb1h2s)

Web Application Security: – The Do’s and Don’ts of “Salt Cryptography”

Data Base security has become more critical as Databases have become more open. And Encryption which is one among the five basic factors of data base security.
It’s an insecure practice to keep your sensitive data like Password, Credit Card no etc unencrypted in you database. And this paper will cover the various Cryptography options available and do and don’t them.
Even if you have encrypted your data that doesn’t mean that your data’s are fully secured, and this paper will be covered in an Attacker perspective.

Reverse Honey Traps – Beating Online Anti-virus Engine in its Own Game

Author: Rohit Bansal (RB1337) / Aditya K Sood (0kn0ck)

Web based online anti viruses are used heavily for scanning malware files and providing the resultant output. There are number of online service providers which perform inline scanning of uploaded malware executables by the normal user or the victims. This process is based on the hierarchical functions and different steps opted to analyze the viruses and other worm activities. The infections occur dynamically when the executable becomes active in the environment. Everything is automated in this process as servers residing at the backend scan the executable and sent the information to other third party servers for secondary analysis or updating their record directly. That’s how the normal functioning of free online malware scanner works.