gunwantsingh.blogspot.com
Gunwant Singh: June 2008
http://gunwantsingh.blogspot.com/2008_06_01_archive.html
There are no secrets better kept than the secrets that everybody guesses. George Bernard Shaw. Jun 23, 2008. Welcome to my blog spot. This is the first time I am on blog spot. I will add posts on application security, network security and other topics of information security. I am building this up as I get time. Please bear with me. Subscribe to: Posts (Atom). Gunwant dot s at gmail dot com. Using JIRA to manage RISKS - v1.0 - OWASP AppSec EU - June 2016. Read My Lips: Let’s Kill 0Day. It's been a while.
gunwantsingh.blogspot.com
Gunwant Singh: Securing Web.Config through Encryption
http://gunwantsingh.blogspot.com/2010/05/this-write-up-is-only-effectual-for-asp.html
There are no secrets better kept than the secrets that everybody guesses. George Bernard Shaw. Jun 19, 2010. Securing Web.Config through Encryption. This write-up is effectual for ASP.NET 2.0. The Web.config is a .NET configuration file which contains sensitive configuration data like connection strings, SMTP information, user credentials, etc. There are two ways to encrypt Web.config:. Manually using the aspnet regiis.exe command-line utility. 2) RSA Protected Configuration Provider (RSAProtectedConfigu...
gunwantsingh.blogspot.com
Gunwant Singh: June 2010
http://gunwantsingh.blogspot.com/2010_06_01_archive.html
There are no secrets better kept than the secrets that everybody guesses. George Bernard Shaw. Jun 19, 2010. Securing Web.Config through Encryption. This write-up is effectual for ASP.NET 2.0. The Web.config is a .NET configuration file which contains sensitive configuration data like connection strings, SMTP information, user credentials, etc. There are two ways to encrypt Web.config:. Manually using the aspnet regiis.exe command-line utility. 2) RSA Protected Configuration Provider (RSAProtectedConfigu...
ethicalhackernet.blogspot.com
Ethical-Hacker.net Blog - A Security Driven Knowledge: May 2010
http://ethicalhackernet.blogspot.com/2010_05_01_archive.html
Ethical-Hacker.net Blog - A Security Driven Knowledge. Monday, May 31, 2010. Breaking Into SharePoint Portal. Windows SharePoint Services (WSS). Free (with Windows Server). Consists of an ASP.NET web site and ISAPI filter. Microsoft Office SharePoint Server (MOSS). Built on top of WSS. Supports collaboration on MS Office documents. Gartner predicts SharePoint will replace network file shares. Default security model: all site users have read access to all documents. Hacking the SharePoint ISAPI Registry.
ethicalhackernet.blogspot.com
Ethical-Hacker.net Blog - A Security Driven Knowledge: January 2010
http://ethicalhackernet.blogspot.com/2010_01_01_archive.html
Ethical-Hacker.net Blog - A Security Driven Knowledge. Wednesday, January 27, 2010. CyberWar, CyberTerror and CyberCrime. During the past few years, these terms have refined and brought enormous attention in the media. However, the actual definitions remain same but keep blending with the growing threats. As mentioned in Wikipedia. Also known as "Cyber Warfare", is the use of computers and the Internet in conducting warfare in cyberspace. Distributed attacks, high anonymity. Direct contact with the enemy...
ethicalhackernet.blogspot.com
Ethical-Hacker.net Blog - A Security Driven Knowledge: February 2010
http://ethicalhackernet.blogspot.com/2010_02_01_archive.html
Ethical-Hacker.net Blog - A Security Driven Knowledge. Saturday, February 27, 2010. Network Intrusion: The Advanced IPS Evasion Techniques. IP Fragmentation with manipulated fragment size and order. TCP segmentation with manipulated segment size and order. SMB Transaction Write Method. SMB Transaction Method fragmentation. MSRPC Multibind (bind to multiple unnecessary or non-existent context the vulnerable context). Fill IP Packet with random Options. Open and close a TCP connection. Open a new TCP-c...
ethicalhackernet.blogspot.com
Ethical-Hacker.net Blog - A Security Driven Knowledge: June 2010
http://ethicalhackernet.blogspot.com/2010_06_01_archive.html
Ethical-Hacker.net Blog - A Security Driven Knowledge. Tuesday, June 22, 2010. Defending BGP MITM (Man-In-The-Middle) Attacks. Every organization owes its Internet connectivity to one protocol: BGP4. There are no alternatives. BGP4 has longstanding vulnerabilities that cannot be fixed, and can only be monitored carefully. 1 Everyone who connects to the Internet is currently exposed to various routing risks: downtime, hijacking and now even wholesale traffic interception. Internet Routing – Prefixes.
ethicalhackernet.blogspot.com
Ethical-Hacker.net Blog - A Security Driven Knowledge: October 2010
http://ethicalhackernet.blogspot.com/2010_10_01_archive.html
Ethical-Hacker.net Blog - A Security Driven Knowledge. Wednesday, October 27, 2010. Wireless Reconnaissance in Practice. Kismet (stable, devel and newcore). Locate / Identify AP(s). BSSID, ESSID, Channel and Encryption. Locate / Identify Client(s). Drones / open-source WIPS. Aircrack-ng – Cracking WEP and WPA. Suite of tools for wireless testing. Mostly thought for wireless cracking. Can also be used for wireless recon. All for the Win32 geeks. Kismet-(stable devel) – Txt, CSV, XML, GPS and pcap. CVE-200...
ethicalhackernet.blogspot.com
Ethical-Hacker.net Blog - A Security Driven Knowledge: April 2012
http://ethicalhackernet.blogspot.com/2012_04_01_archive.html
Ethical-Hacker.net Blog - A Security Driven Knowledge. Saturday, April 7, 2012. Cuando escuchas el término Crimeware en que piensas…? Un tipo de malware. Esta es una definición creada por Peter Cassidy, Secretario General del Anti-Phishing Working Group. Se convierte en “Ciberdelincuencia Organizada”. Si deseamos buscar los orígenes de la Ciberdelincuencia Organizada podemos remontarnos a mediados del 2001 donde un grupo de Black Hats ucranianos creó el sitio CarderPlanet.com. De los muchos tipos de Crim...
SOCIAL ENGAGEMENT