- 1 Presentations
- 1.1 Psycho-Strategies for Social Engineering (26th October 2013)
- 1.2 Pentesting Web Services in 2012 (10th November 2012)
- 1.3 OWASP Mobile Application Top 10 (24th March 2012)
- 1.4 Mobile Application Security Continued.. (29th January 2012)
- 1.5 Mobile Application Security (25th December 2011)
- 1.6 Wireless Security (11th June 2011)
- 1.7 Web Application Security (14th May 2011)
- 1.8 Armitage – GUI for Metasploit (25th December 2010)
- 2 Articles
We have various resources for learning social engineering, like social-engineer.org, The Art of Deception by Kevin Mitnick, The Art of Social Engineering by Christopher Hadnagy, etc., so why this same old talk? The purpose of this talk is to take you one step forward by teaching you how exactly it could be done. I mean, how can you possibly hack computers without a basic understanding of how operating systems work and how computer protocols work? You need to know what you're dealing with, and then you go ahead and look for the security issues and vulnerabilities in them. The scenario is similar with social engineering: you need to know what you are dealing with. HUMANS. Right! What do you know about humans other than being one? How do they operate, how do they make decisions, what factors affect their response, etc.? Without understanding how humans work, your knowledge of social engineering and toolkits will not suffice. This talk will unleash the psychological strategies to execute the structure of social engineering.
This will be a brief discussion on pen testing web services in 2012. OWASP has testing guides that describe various methods and tools for performing black box and white box security testing on web services, but they're all outdated. The key points of the presentation will revolve around how to pen test web services, what the prerequisites are, methodology, tools used, etc.
This presentation discusses the OWASP Mobile Application Top 10 vulnerabilities in detail, clarifying doubts such as the difference between Weak Server Side Controls and Security Decisions via Untrusted Inputs.
This presentation was a continuation of the previous mobile security presentation on 25th December 2011, followed by a discussion of new attack vectors and the ways and tools to test them.
This presentation takes a dive into the various requirements for setting up a mobile app penetration testing lab, with the purpose of equipping the audience with mobile app pentesting knowledge, from scoping questions to reporting and everything in between, such as testing methodology, tools of the trade, and types of attacks on Android apps.
This presentation discusses the security issues with wireless protocols like WEP, WPA-PSK and WPA2.
This presentation discusses the OWASP web application vulnerabilities and ways to mitigate them.
This presentation discusses Armitage – GUI for Metasploit. Armitage is a scriptable tool for Metasploit that visualises targets, recommends exploits, and exposes the advanced post-exploitation features in the framework.
Articles published in Clubhack Magazine:
1. Pentesting Your Own Wireless Networks, June 2011 Issue
2. Armitage – The ultimate Attack Platform for Metasploit, July 2011 Issue