Anant Shrivastava : Techno Enthusiast

LSB new twist : text based Stegnograph

anantshri — Sun, 18 Mar 2012 11:21:10 +0000

Today i am going to discuss about a simple twist in existing Stegnography and text base data hiding techniques. While creating challenges for Preconference hacking challenge “HACKIM” for nullcon conference. we cameup with text based LSB hiding challenge as crypto challenge part 5. today i am releasing tools i used to encoding and decoding such [...]

Standalone Perl on Android

anantshri — Wed, 14 Mar 2012 18:30:39 +0000

In simmilar lines to standalone python this is the code that could be used for running standalone perl applications. This script again tries to address some very basic issues. 1) non availability of direct perl calling mechanism while using terminal emulator. 2) Environmental limitations. 3) you can’t pass command-line arguments. Script enclosed Here PW=`pwd` cd [...]

DroidCAT – Android Application collection for Security professionals

anantshri — Tue, 13 Mar 2012 19:54:59 +0000

After a gap of 1 month finally releasing the droidcat application. DroidCAT application is developed as part of HaXdroiD project which is right now in closed tested status. Lets talk about DroidCat today. What is Cat-Droid? DroidCat is inspired by firecat and aims to be a one stop solution to finding all ethical hacking / [...]

Whitepaper : Security Issues in Android Custom ROM’s

anantshri — Sun, 16 Oct 2011 23:25:30 +0000

Today i am releasing the paper which i presented recently at C0C0N conference at ernakulam. this paper outlines where security misconfiguration that can lead to device compromise, data theft and so on. Hope this helps in secure development and deployment of custom ROM’s. http://anantshri.info/articles/android_cust_rom_security.html The link contains download for both my slidepack as well as [...]

Android File system Graphical View

anantshri — Wed, 12 Oct 2011 12:09:03 +0000

Today i am presenting a simple HTML page which everyone can use to visualize the file system layout of Android Phones. http://anantshri.info/andro/file_system.html I have tried to keep vendor specific stuff out of the list however if you think this needs correction feel free to point out and correct it out. Link : http://anantshri.info/andro/file_system.html

Android : Running Standalone Python

anantshri — Thu, 11 Aug 2011 18:19:24 +0000

This is not yet another post on android-scripting project or SL4A or python for android. This post is for a specific purpose to empower the terminal again and make users again feel the power of terminal. Current state we can run perl, python, PHP, ruby, beanshell in SL4A interface or as a standalone apk with [...]

MyLife : Hack : Yahoo Open HackDay 2011

anantshri — Sun, 31 Jul 2011 08:16:48 +0000

This was my first time attending Yahoo open hackday the event is all fun and a quick way to hacking onto the yahoo api’s. I specifically focused on one API YQL, which basically claims to do the following select * from internet now that raises an eyebrow, in simpler term this is what is we [...]

White Paper : Web Application Finger Printing : Methods/Techniques and Prevention

anantshri — Sun, 17 Jul 2011 12:34:31 +0000

Today I am presenting my work for past some days in form of a white paper. This white paper basically outlines the automated finger printing methods, techniques and ideas for prevention automated methods to work on your site. BTW those who are having wappalyzer on there browsers just enjoy visiting my Joomla Powered Website. :D [...]

Chrome Extensions for Security Professionals

anantshri — Sun, 10 Jul 2011 10:02:20 +0000

During Recent days we have seen a phenomenal increase in usage of Google Chrome Browser, however Security Professionals are still looking at Firefox for there day to day life usage, the basic reason behind it is large set of firefox extensions backing it up, we have also custom builds like OWASP Mantra doing the round. [...]

Database protection Techniques : a different prespective

anantshri — Tue, 28 Jun 2011 12:24:02 +0000

Tips for Db Security Disclaimer : This post keeps in mind the web frontends and web applications based attacks on DB Servers in mind. Any Userid used for web application connectivity should be clipped to specific ip addresses that could be localhost in case of same server usage for Db and App server. If two [...]