Presentations & Articles

Presentations

Psycho-Strategies for Social Engineering  (26th October 2013)

We have various resources for learning social engineering like social-engineer.org, the art of deception by kevin mitnick, the art of social engineering by Christopher Hadgney etc. but then why this same old TALK?   The purpose of this talk is to take you one step forward, by teaching you how exactly it could be done.  I mean, how can you possibly hack computers without having the basic understanding of how operating system works, how computer protocols works? You need to know what you’re dealing with and then you go ahead and look for the security issues and vulnerabilities in them.   Similar scenario is with social engineering, You need to know what you are dealing with. HUMANS. Right!. What do you know about humans other than but being one.  How do they operate, how do they make decision, what all factors affects their response etc. Without understanding how humans work? Your knowledge of social engineering and toolkits will not suffice.  This talk will unleash the psychological strategies to execute the structure of social engineering.

Pentesting Web Services in 2012 (10th November 2012 )

This will be a brief discussion on Pen Testing Web Services in 2012, though OWASP have testing guides which describes various methods and tools for performing black box and white box security testing on web services but they’re all outdated. The key points of the presentation will revolve around how to pen test web services, what are the pre-requisites, methodology, tools used, etc.

Owasp Mobile Application Top 10 (24th March 2012 )

This presentation discuss OWASP Mobile Application TOP 10 vulnerabilities in detail, clarifying doubts like difference between weak server side controls and Security Decisions via untrusted Inputs.

Mobile Application Security Continued.. (29th January 2012 )

This presentation was in continuition to previous mobile security presentation on 25th december 2011 followed by discussion on new attack vectors and ways and tools to test them.

Mobile Application Security ( 25th December 2011 )

This Presentation take a dive into various requirements to setup a mobile app penetration testing lab with purpose to equip the audience with mobile app pentesting knowledge, starting scoping questions to reporting and everything in between like testing methodology, tool of trade, and types of attacks on android apps etc.

Wireless Security (11th June 2011)

This presentation discuss the security issues with wireless protocols like wep, wpa-psk and wpa2.

Web Application Security (14th May 2011 )

This presentation discuss the OWASP Web Application vulnerabilities and ways to mitigate them.

Armitage – Gui for Metasploit  (25th December 2010)

This presentation discuss the Armitage “ GUI for Metasploit. Armitage is a scriptable tool for Metasploit that visualises targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.

Articles

Articles published in Clubhack Magazine:

1. Pentesting Your Own Wireless Networks, June 2011 Issue

http://chmag.in/issue/jun2011.pdf

2. Armitage – The ultimate Attack Platform for Metasploit , July 2011 Issue

http://chmag.in/issue/jul2011.pdf

 

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close