Aditya K Sood's (0kn0ck) Blog

I have added new tools on secniche portal. The brief introduction is provided below:

1. brbind_v(1.0) : It basically brutes the listening sockets for the flags and the provide the stateful information. It also provides raw stats for protocol used by system itself.

2. pemap_v(1.0) : This tool dissects the any portable executable file into its relative composite objects like debug directory stats , function entry points , raw data , headers etc. Good for portable executive mapping.

3. gs_cookie_gen : This tool projects simply the working behavior of guard stack cookies. The cookie generation is based on different system functions.

Link : http://www.secniche.org/tool.html

This entry strictly deals with the Thread Optimization Checks. When the concept of optimization is undertaken the Profiling of code is a Logical aspect that has to follow. For smaller segments of code [ single line command execution] , process of Micro profiling is followed. When larger codes are encountered , the Macro profiling is applied. When any process is initialized , threads will be generated based on the code that is executing. For all type of functions defined and called , it will generate a thread in system state during execution. The Instruction Usage plays a crucial role in Profiling.

http://www.openrce.org/blog/view/1050/Thread_Optimization_Checks_:_Code_Prominence

0kn0ck

This article encompasses the practical problems in designing XML signatures through the use of APIs. XML signatures are used to provide security to data of any kind whether XML or binary. The confidentiality, integrity, and authenticity of the message has to be preserved when designing a SOAP request for communication. XML API functionality is very versatile but at the same time protection measures have to be included to prevent loss of data.

http://www.usenix.org/publications/login/2008-02/index.html

0kn0ck