Feed on
Posts
Comments

Archive for the 'Secure Coding' Category

Book of the Month – SQL Injection Attacks and Defense

Posted in Computer Security, Hacking, Pen Testing, Secure Coding, Security Books, Security Vulnerability, web security on Feb 22nd, 2010 No Comments »

VN:F [1.7.7_1013]Rating: +2 (from 2 votes)SQL Injection is one of the most popular web attacks that the security world has ever witnessed since the evolution of Internet. Till date it remains one of the less understood vulnerability from web security perspective as indicated by growing number of SQL injection attacks.
In this direction, this book [...]

Read Full Post »

Book of the Month : Writing Secure Code for Windows Vista

Posted in Computer Security, Secure Coding, Security Books on Oct 22nd, 2009 No Comments »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)This is the one of the ‘Writing Secure Code’ series book completely focused on security design & implementations incorporated into vista. Written by experts involved in secure development of Vista, book offers complete coverage of security defenses in precise and concise format. However unlike earlier security book in the series, [...]

Read Full Post »

Book of the Month : Hacking – The Art of Exploitation

Posted in Computer Security, Hacking, Secure Coding, Security Books, Vulnerability Research on Jun 15th, 2009 No Comments »

VN:F [1.7.7_1013]Rating: +1 (from 1 vote)This may sound like another hacking book written to sell, but it is not. This is one such book where author has covered everything from tip to toe of vulnerability exploitation, a complex topic to comprehend, in a simple and practical way.

At a top level this book covers the following [...]

Read Full Post »

Book of the Month : 19 Deadly Sins of Software Security

Posted in Computer Security, Secure Coding, Security Books, Vulnerability Research on May 10th, 2009 No Comments »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)This book is essential for anyone who is into software development to understand the basic security flaws as well as detect & eliminate them during the early development phase of the product itself.  It offers detailed coverage on 19 crucial security flaws each explained in separate chapters.

The book covers following [...]

Read Full Post »

SpyDLLRemover : Detect & Delete Spywares From The System

Posted in Computer Security, Hidden Myths, Reverse Engineering, Rootkits, Secure Coding, Security Books, Security Tools, Spyware, Vulnerability Research on Mar 16th, 2009 No Comments »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)My new tool, SpyDLLRemover is released on the RootkitAnalytics website. This tool helps in detecting and deleting userland based rootkits which hide the processes and injected modules to prevent their detection from antirootkit softwares.
Here is the snapshot of SpyDLLRemover detecting the hidden process belonging to HackerDefender Rootkit.

Here is another snapshot [...]

Read Full Post »

Detecting System DLL …!

Posted in Computer Security, Hidden Myths, Secure Coding, Spyware on Feb 14th, 2009 3 Comments »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)Recently while working on a new tool SpyDLLRemover, I had to separate out the operating system DLLs from others.  To be precise, I needed method to reliably detect malicious DLL among all loaded DLLs of the process.  This requires cornering out the malicious DLL by eliminating legitimate DLLs from the [...]

Read Full Post »

Have you crashed into _strlwr_s() ?

Posted in Computer Security, Secure Coding on Feb 10th, 2009 4 Comments »

VN:F [1.7.7_1013]Rating: 0 (from 0 votes)Almost every developer knows the cost of using insecure string function such as strcpy which can lead to buffer overflow exploits.  But no one knows the cost of using the secure string functions. Here is just illustration of how much pain it can cause sometimes…
Have a look at the sample [...]

Read Full Post »