Aditya K Sood's (0kn0ck) Blog

Security at Stake

Me-Myself-I

Aditya K Sood
Senior Security Researcher
Vulnerability Research Labs (VRL) COSEINC

Founder, SecNiche Security

Search

Projects-

CERA- Web Research.

MLabs : Digital Intelligence.

TrioSec : Penetration Testing.

EvilFingers.

WAZ :Anti Zomb Tool.

Email Contacts.

0kn0ck Email.

Linkedin Network..

My Linkedin Profile.

IS Research Author

Elsevier Network Journal

Elsevier Computer Fraud and Security Journal

British Computer Society

Conferences.

EuSecWest
Troopers
XFocus Xcon
Xfocus XKungfoo
Owasp
Clubhack
CERT-IN

BCS Article - Scrutinizing Business Logic

The British Computer Society has published a new article on business logic written by secniche. The article revolves around:

The vulnerability pattern is shifting more towards application level and attackers are concentrating more on exploiting web applications rather system level insecurities. The high end attacks used to start with XSS and SQL injections, but the paradigm has shifted more towards business logic flaws.

For detailed article:

http://www.bcs.org/server.php?show=ConWebDoc.24009&changeNav=8265

Regards
0kn0ck

Posted on 1/22/2009 01:13:00 AM by 0kn0ck | 0 Comments

Hakin9 Issue Jan-Feb 2009 - New Paper Published

The new paper related to "Hacking IM encryption Flaws" have been published in Hakin9 issue. This paper sheds a light on encryption problems in Instant Messaging client’s primary memory which lead to hacking. The IM clients have been used extensively all over the world to exchange messages between different parties.

For more details: http://hakin9.org/prt/view/about-the-mag/issue/959.html

Regards
0kn0ck

Posted on 1/22/2009 01:06:00 AM by 0kn0ck | 0 Comments