Contact Me @ +91-9041922099

Mail me at

Friday, September 26, 2014

Bash-Bug Penetration Testing - Anatomy of Shelllock

A new security vulnerability known as the Bash or Shellshock bug could spell disaster for major digital companies, small-scale Web hosts and even Internet-connected devices.

The quarter-century-old security flaw allows malicious code execution within the bash shell (commonly accessed through Command Prompt on PC or Mac's Terminal application) to take over an operating system and access confidential information.

A post from open-source software company Red Hat warned that "it is common for a lot of programs to run Bash shell in the background," and the bug is "triggered" when extra code is added within the lines of Bash code.

Monday, September 15, 2014

Call For Papers for nullcon Goa 2015

Dear Security Gurus,

We are excited to announce Call For Papers for nullcon Goa 2015. Time to tickle your gray cells and submit your research.

6th year | CFP opened on 6th Aug 2014 | conference on 6th Feb 2015.

CFP Details:- 

Training: 4th-5th Feb 2015

Conference: 6th-7th Feb 2015

Our motto - "The neXt security thing" drives the objective of the conference i.e. to discuss and showcase the future of information security, next-generation of offensive and defensive security technology, zero day vulnerabilities and unknown threats. 

Get ready to Goa!

Monday, September 1, 2014

Forceful Sale of Stove by HP (Hindustan Petroleum) Bhogpur Gas Service in Dalli, Bhogpur, Jalandhar, Punjab

This is regarding the forceful sale of stove by HP (Hindustan Petroleum) Bhogpur Gas Service in Bhogpur, Jalandhar, Punjab

The above news has been published in No. 1 Punjabi Newspaper AJIT on 1st September 2014 on page number 8.

Complaint against Distributor : BHOGPUR GAS SERVICE (13896100) 
From HP side communication done by Mr.ASHISH SINGH (192249) 

I had booked for a new HP gas connection and was called on Saturday (02/08/2014) as the connection was available. When I visited the company, I was told to buy stove along with other accessories. I humbly mentioned that I already have a stove manufactured as per the industry standards and I would need only the gas connection.

The manager over there informed me that I would get connection only if I buy the stove. When I asked the formal route of getting a connection without stove, they said without verification they will not provide the connection. Here I’ve seen a strange practice of forcing the customers to buy the stove and then making them sign the document mentioning that they were not forced to buy.

If we denied buying the stove, they will not give us the GAS connection & return back all the documents by saying that without verification they cannot provide the gas connection.


I also noticed the Rude behavior of owner/manager of the agency.

Through the MRTPC notification, HP has clearly mentioned that it is not obligatory to purchase the stove from dealers/distributors. But this is not being followed in Bhogpur Gas Service in Bhogpur, Jalandhar. Such activities are spoiling the name and fame of Hindustan Petroleum Corporation Limited.

For all other facing similar problem, you may please visit below website to log your complaint against any HP distributor across India. Once the complaint has been logged, response is mandatory from HP representative.

#HPCL #HindustanPetroleum #Bhogpur #AjitNewspaper #PunjabiNews #Dalli #Complaint #ForcefulSaleofStove #ForcefulSale

Wednesday, April 30, 2014

Fool the Network Hunters (Hackers)

Portspoof is meant to be a lightweight, fast, portable, and secure addition to any firewall system or security system. The general goal of the program is to make the information-gathering phase slow and bothersome for your attackers as much as possible. This is quite a change to the standard 5s nmap scan that will give a full view of your system’s running services.

Friday, April 25, 2014

Information Security Aficionado: Vulnerability Scanning With Metasploit

Information Security Aficionado: Vulnerability Scanning With Metasploit: Vulnerability scanning is part of penetration testing. A vulnerability scanner is an automated program designed to look for weakne...

Friday, March 14, 2014

Theoretical Methodology for Detecting ICMP Reflected Attacks: SMURF Attacks - InfoSec Institute

 There are plenty of different ways to track the original source of a DoS
attack, but those techniques are not efficient enough to track a
reflected ICMP attack. When I say “reflected ICMP attack,” that means a
SMURF attack. Here I am going to show you a new model to trackback the
reflective DOS attack caused by ICMP packets. This is a very efficient
method, because you can do this with the help of a really few attack
packets. We have seen that, to detect ICMP attacks in direct attack, we
need a large amount of packets to be revised, which is not true in this


Read Full Story : Theoretical Methodology for Detecting ICMP Reflected Attacks: SMURF Attacks - InfoSec Institute:

Wednesday, March 12, 2014

Sunday, March 9, 2014

Vigilance complaints pile up as Delhi Police doesn’t know password | The Indian Express

Over 600 complaints regarding the Delhi Police forwarded by the Central Vigilance Commission
to an online portal have been pending for the past eight years. The
reason: the Delhi Police didn’t know the password to access the portal
or how to operate it, a lapse that went undetected since 2006.

In January finally, two Delhi Police officers, one of the level of
deputy commissioner of police and another an inspector, were imparted
“training” by the CVC on the same.

Sources in the CVC said 667 complaints had piled up, with no action taken by the police.

Each Delhi government department under the CVC, including the MCD,
DDA and several investigating agencies, have a chief vigilance officer
to look into complaints. If a complaint reaches the CVC, either it
tackles it independently or it sends it to the concerned department

Read Full Story :Vigilance complaints pile up as Delhi Police doesn’t know password | The Indian Express

Friday, March 7, 2014

Computer Forensics Investigation – A Case Study - InfoSec Institute

Computer technology is the major integral part of everyday human
life, and it is growing rapidly, as are computer crimes such as
financial fraud, unauthorized intrusion, identity theft and intellectual
theft. To counteract those computer-related crimes, Computer Forensics
plays a very important role. “Computer Forensics involves obtaining and
analysing digital information for use as evidence in civil, criminal or
administrative cases (Nelson, B., et al., 2008)”.

A Computer Forensic Investigation generally investigates the data
which could be taken from computer hard disks or any other storage
devices with adherence to standard policies and procedures to determine
if those devices have been compromised by unauthorised access or not.
Computer Forensics Investigators work as a team to investigate the
incident and conduct the forensic analysis by using various
methodologies (e.g. Static and Dynamic) and tools (e.g. ProDiscover or
Encase) to ensure the computer network system is secure in an
organization. A successful Computer Forensic Investigator must be
familiar with various laws and regulations related to computer crimes in
their country (e.g. Computer Misuse Act 1990, the UK) and various
computer operating systems (e.g. Windows, Linux) and network operating
systems (e.g. Win NT). According to Nelson, B., et al., (2008), Public
Investigations and Private or Corporate Investigations are the two
distinctive categories that fall under Computer Forensics
Investigations. Public investigations will be conducted by government
agencies, and private investigations will be conducted by private
computer forensic team. This report will be focused on private
investigations, since an incident occurred at a new start-up SME based
in Luton.

This report also includes a computer investigation model, data
collections and its types, evidence acquisitions, forensics tools,
malicious investigation, legal aspects of computer forensics, and
finally this report also provides necessary recommendations,
countermeasures and policies to ensure this SME will be placed in a
secure network environment.

Read Full Article at Here : Computer Forensics Investigation – A Case Study - InfoSec Institute

Design by Amarjit Singh | Idea From Blogging Tutorials - Premium Themes | Best Buy Coupons