blogs

Today i come to know about Hex Ray decompiler
i think it only works with the IDA pro and can generate pseudo code from the assembly.i think this what makes RE easier.consider a case of diffing two dlls,i know there is halvar flaks bindiff but that requires you to understand and digg through the assembly code while hex ray makes it easy to genrate the pseudo code and then you can easily determine the changes.  read more »

Dear Users,
update:i have removed tht due to some functionality problem.
I have added the support for voting down the stories which you don't like.I hope it will help to identify what you like and what you don't and then i can take proper actions.

Regards,
SecGeek

you can check the various presentations for BlackHat 2008 here
Personally i will recommend the DTrace and GSM hacking paper.
have fun in reading....

Dear Users,

As many users requested,I have added the support for searching using google on this site.Now you can search on this site for your favorite topics and keywords.

Cheers,
SecGeek

Today while surfing youtube.com a thought comes in mind.Spammers are deriving new ways to spam the users on the internet like audio spam,pdf spam etc. what if they started using video spamming?
Imagine that you visit youtube.com and found a video that has some hot and sexy chicks photos,videos which endorse some viagra or other products.at the last they display a url from where you can purchase them.these URLs are classic old urls which you daily receives in your spam.for once many novice and even experiance users will open that URL?  read more »

Looks like the script support in orkut scraps and profile is causing devasting effects to its users.daily there are new worms coming up which scraps everyones scrap book and send some stupid message.this messages are either contains some pornographic image or some trick to view others locked profile.  read more »

This is not related to security but i thought it would be nice to share with my readers.check out the story bellow(from http://consumerist.com):-  read more »

recently i was reading the shellcoder's handbook.its a nice book which contains the indepth chapters for buffer overflow,shell code,format string and other stuff.if you are starting to write your own exploits then this book is a must read.check it out.

I was reading about heap sprying techniques and i found one good presenatation which explains everything.it from determina and presented at blackhat.
you can download it's PDF here

I just received this from a friend of mine.here is the description:-
"Detect & Alert Malicious JavaScript : XSSProxy, XSS-Shell, AttackAPI, Beef. But No guarantee for full prevention of XSS-Injection threats. Many ways to bypass it such as via iframes but I'm sure it protects you from casual attackers."

you can get it here:-
Click Here to Download

image courtesy of http://eatliver.com/i.php?n=2801

Dude Vanwinkle was a nice friend of mine and i enjoyed reading his posts over funsec list.I was shocked to know that he is no more with us.
i never met him personally but i had frequent chats with him over IM.He is very knowledgeable and helpful person and i enjoyed talking to him.i will surely miss him :(
"he who shall be missed, rest in peace."
RIP Dude Vanwinkle.

-SecGeek

There has been a under sea cable cut in egypt due to which asian people are having lots of problem getting internet.they are having slow download speed,sites are loading very slow.its affecting the work of many organization and people.
officials says it will be fixed in 2 weeks but that too much time :-p
http://www.telegraph.co.uk/connected/main.jhtml?xml=/connected/2008/01/31/dlblackout131.xml

Hi All,

In our effort to offer several benefits to our advertisers, we would like to offer a Free Pass for BlackHat 2008 Amsterdam Briefings if you advertise on secgeeks.com
Please let us know if you are interested in Advertising on this site.For the available advt. options please check this

Cheers,
SecGeek

Hi All,

We have created two widgets for SecGeeks by which you can access secgeek.com from anywhere from your mobile or from your PC or Laptop.If you want to get it on Mobile then simply use the widget bellow:-

if you want to use it on your Site/Blog/Forums/Etc. then use the widget bellow:-  read more »

Hi All,

Do you want to attend the BlackHat 2008 Amsterdam Briefings?If yes then we can help you in that :)
We are starting a Contest on Secgeeks,in which you have to post links or write blogs on the security related news and topics and the person with the most Quality posts will win a Pass for BlackHat Amsterdam 2008 Briefings.
So start posting and prepare to go to BlackHat.

Note:This start from Today 20/01/08 and will be end on 01/03/08.
Winners will be announced on 02/03/08.

Terms and Conditions:  read more »

(from offensivecomputing)
The Mpack toolkit has been uploaded to rapidshare. get it here:-
Download Here....

I have been interviews in almost all the top security companies and startup.During my interview process i have faced various questions.Here are some of the interview questions which i faced.i will try to post the answers on the next post, meanwhile you should try to find the answer at your own(or if you already know them then its good for you)

1)What is a Buffer Overflow?
2)How will you overwrite EIP?
3)Suppoes there is a buffer[100],how many bytes of input you will need to overwrite EIP?
4)How many bytes will cause a buffer overflow in the above example?
5)What is a heap overflow?  read more »

we have created a community for secgeeks on orkut.
join us here