Linking GitHub Project with XAMPP

GitHub is a great public code repository hosted online, and XAMPP is a popular server for running web content locally. Here we discuss how to link a project's GitHub folders and place them inside the XAMPP directory, so that we can run the application and still have the GitHub client synchronize the changes.

Upgrade Python or Use Multiple Versions In Linux (Backtrack)

This is a quick post about getting an updated (or a specific) version of Python running on your Linux system (Backtrack is used here). A tool called ‘pythonbrew’ is used for this purpose. It not only lets us download and install the required version of Python, but also allows us to choose which version needs to be

Py Script to Update Backtrack 5 Tools

This Python script by the author ‘sickness’ updates many of the tools present in the Backtrack suite, which would otherwise have to be updated manually.

Embedding Vulnerabilities Trend Graph in SharePoint or Blog

In this post, we talk about using various third-party Chart APIs to display a trend graph on any SharePoint site (or a blog). These graphs deliver a quick summary of the vulnerabilities identified during various security assessments. This can be embedded in a Security SharePoint portal or a dashboard which will be accessed by

Batch File Decompiles Android apk to Java Source With a Single Command

This batch file decompiles an apk to its corresponding Java sources. Anyone who wants to do a code review on an Android app whose source code is not readily available can use this batch file. It runs various free tools available on the internet in sequence to obtain the Java source files.

Extract Android apk from Market and Decompile it to Java Source

This post talks about the process of extracting the apk file of any app available in the Market and then decompiling it to Java source. This can be helpful for those who perform code review (for security vulnerabilities) on apps whose source code is not available. Once Java source code is obtained, we can either do manual code

List of Chrome Browser Extensions for Security Analysts

A list of Chrome browser extensions that can be useful while performing application security assessments. Some of the extensions were already discussed earlier in our blog. On a side note, a similar collection exists for Firefox users – check SecFox at the Mozilla Addons Collection site. Note: The table below will be updated regularly. If you find any addons

Root, Backup Apps+Data and Install Cyanogenmod 7 Gingerbread on G2/Vision Phone

This post explains rooting a T-Mobile G2/HTC Vision and then installing Cyanogenmod 7 (Gingerbread) while retaining the apps and data that were in use with the stock ROM. The entire process, from rooting through installation of Cyanogenmod, should not take more than half an hour.

Proxy Switchy Chrome Extension for Security Analysts

Proxy Switchy! is an advanced proxy manager for Google Chrome. It allows users to manage and switch between multiple proxy profiles quickly and easily. It is a must-have addition to the Chrome add-ons for security testing that we discussed earlier here. While conducting blackbox security assessments, we normally do analysis on communication

Notscripts – Noscript Alternative in Chrome

NotScripts gives you a high degree of “NoScript”-like control over which JavaScript, iframes, and plugins run in your browser, to increase security and lower CPU usage. It helps mitigate some attacks, such as certain cross-site scripting (XSS) vulnerabilities and drive-by downloads, by blocking the third-party content before it even runs