How to make portable apps.

Portable applications are useful. You do not need to install them, carry them along with all the settings, forget about platforms, configurations, settings and most important liscencing. There are a number of techniques to make portable apps. Thinstall uses an Application Virtualization Technique to achive that purpose. VMWare recently acquired it and the application is [...]

The Hunt for Smart Card Readers

Trying to search for a decent smart card reader seemed to be a much difficult task than i originally anticipated. Online shops from Hongkong and China are full of a range of both contact and contactless (rfid) card readers. Most of them however do not support the wide range of ISO standards (14443 A / [...]

Tor Controller

Vidalia is a cross-platform controller for Tor (The Onion Router) for network anonymity, built using the Qt toolkit. It allows the user to start, stop, and view the status of Tor, monitor bandwidth usage, view, filter, and search log messages, and configure some aspects of Tor. The most feature of Vidalia is its Tor network [...]

A talk on Open Source on Software Freedom Day

The world celebrated the Software Freedom Day on 15th September 2007. We had some 100+ countries and more than 300 groups covering the free software world in different form of activities, presentations and events. The webmasters of FAST-NU Karachi also organized an event and talk series on the day and I felt really honored and [...]

Network Traffic Visualization

Rumint is a network and security visualization tool. It allows you to load packet capture files as well as perform live packet capture and visualize the results using a variety of visualization techniques. You can then filter the dataset and play back the data using a PVR interface. Version 1.92 adds the ability to directly [...]

Recording the Runtime State of a VM

As VMWare 6 Goes into beta 3, the most awaited feature and a tester dream comes to reality. To capture, record and replay EVERYTHING that happens to a VM. This is not a movie recording, but more of a runtime execution and state recording. You can play back a recorded instance (say a list of [...]

Public Vista 0day

Before the consumers worldwide get even the first hand on the most secure windows ever, a new public exploit is already on the rise and has been posted to the full fisclosure which describes a privilege escalation attack allowing a logged in user to elevate himself to SYSTEM. I tested the PoC published code and [...]

Defeating anonymity by monitoring clock skew ?

A Cambridge University researcher Steven J Murdoch has a devised a novel attack on online anonymity systems in which he literally takes a computer’s temperature over the internet. The attack uses a phenomenon called “clock skew” the tendency for the precise clocks in modern computers to drift off of the correct time at slightly different [...]

Playing with VMWare 6

My favourite virtualisation product VMWare is now in the sixth generation with its public beta available for testing in the holiday season. The product is continously being transformed for being the preferred tool for software engineers and security reasearchers due to its noticable features for ease of development, debugging and tracing. Integration with Visual Studio [...]

Beyond the Win32 API (Part I)

The Win32 or simply the Windows API allows developers to exploit the deep power of the Windows OS internals and use them in there applications. WinAPI (and Platform SDK) provides functional interfaces to communicate directly with the OS and make system calls including base OS services, control libs, GDI, shell, network services and numerous others. [...]