The Security Value of the robots.txt file

DISCLAIMER: This tutorial is for educational purposes only. Please don't use these kinds of attacks for unethical purposes. The "robots.txt" file is one of the primary ways of telling a search engine where it can and can't go. This is called the robots exclusion protocol. The robots.txt file is read by search engine spiders. The first thing …

DoubleLocker Android Ransomware.

DoubleLocker Android Ransomware Encrypts Data And Changes PIN To Permanently Lock Your Phone. ESET’s security researchers have identified a new kind of ransomware, which infects Android devices by using a technique that so far has been used by Trojans. It not only encrypts your mobile phone but also modifies its PIN. The ransomware has been named DoubleLocker …

How I solve MD5 Games 1 – Hack Dat Kiwi 2017

Let's see what the challenge code looks like.

<?php
$md5=$_GET['md5'];
if($md5==md5($md5)){
    echo "The correct value is ....";
}else{
    echo "Wrong";
}

I didn't remember the original code but it's very similar to this. $md5==md5($md5) How is this possible? That's the point. If you read this article you can see, $md5='0ebc12423'; // start with 0e if …

Facebook App Development with OAuth 2.0

What is OAuth (Open Authorization), and how does it work? OAuth allows notifying a resource provider (e.g. Facebook) that the resource owner (e.g. you) grants a third party (e.g. a Facebook Application) permission to access their information (e.g. the list of your friends). You can use OAuth to get a token via a callback URL and …

Web Security Dynamic Analyses with OWASP ZAP

What is dynamic security analysis? Dynamic application security testing (DAST) examines the security of an application in its running state, poking and prodding it in unexpected ways in order to discover security vulnerabilities.[1] What is OWASP ZAP? The OWASP ZAP attack proxy is one of the most popular free security …

Static Code analysis

What is static code analysis? Static code analysis (source code analysis) is usually performed as part of code review and carried out at the software implementation phase of a Secure Software Development Life Cycle (Secure SDLC). Static code analysis falls under white-box testing when considering the different types of testing approaches. Static code analysis commonly refers to running …