Avatar
I am Prateek Gianchandani. Currently i am working as a Security Researcher in UAE. I have interests in Exploit Development, Mobile and Browser Security. I am Prateek Gianchandani. Currently i am working as a Security Researcher in UAE. I have interests in Exploit Development, Mobile and Browser Security. I have spoken/ trained at Conferences like Blackhat USA, Defcon, Brucon, PHDays, Owasp Appsec USA, Hack in Paris, x33fcon etc... Continue

articles tagged with security

ARM64 Reversing and Exploitation Part 3 - A Simple ROP Chain
ARM64 Reversing and Exploitation Part 2 - Use After Free
ARM64 Reversing and Exploitation Part 1 - ARM Instruction Set + Simple Heap Overflow
From zero to tfp0 - Part 2: A Walkthrough of the voucher_swap exploit
From zero to tfp0 - Part 1: Prologue
iOS Application Security Part 55 - Inspecting iOS apps with Passionfruit
iOS Application Security Part 54 - The Needle Framework
iOS Application Security Part 53 - Objection continued
iOS Application Security Part 52 - Inspecting iOS apps with Objection
iOS Application Security Part 51 - Dumping decrypted IPA and Dynamic Instrumentation on a non-jailbroken device
iOS Application Security Part 50 - Touch ID Bypass with Frida
iOS Application Security Part 49 - Runtime Patching with Frida
iOS Application Security Part 48 - Frida APIs
iOS Application Security Part 47 - Inspecting Apps with Frida
Releasing Damn Vulnerable iOS App v2.0 - written in Swift
iOS Application Security Part 46 - App Transport Security
iOS Application Security Part 45 - Enhancements in Damn Vulnerable iOS app version 1.5
iOS Application Security Part 44 - Bypassing Jailbreak detection using Xcon
iOS Application Security Part 43 - FAT binaries & LLDB usage continued
iOS Application Security Part 42 - LLDB Usage continued
iOS Application Security Part 41 - Debugging applications using LLDB
iOS Application Security Part 40 - Testing apps on your Mac
Damn Vulnerable iOS App solutions free for download
Android Application hacking with Insecure Bank Part 4
Android Application hacking with Insecure Bank Part 3
iOS Application Security Part 39 – Sensitive information in memory
Android Application hacking with Insecure Bank Part 2
iOS Application Security Part 38 - Attacking apps using Parse (Guest Lecture by Egor Tolstoy)
iOS Application Security Part 37 - Adapting to iOS 8
Damn Vulnerable iOS App v1.4 launched
Android Application hacking with Insecure Bank Part 1
iOS Application Security Part 36 – Bypassing certificate pinning using SSL Kill switch
Wifite Walkthrough part 2: Cracking WPA access points
Wifite Walkthrough part 1: Cracking WEP access points
iOS Application Security Part 35 – Auditing iOS Applications With iDB
iOS Application Security Part 34 - Tracing Method calls using Logify
iOS Application Security Part 33 - Writing tweaks using Theos (Cydia Substrate)
iOS Application Security Part 32 - Automating tasks with iOS Reverse Engineering Toolkit (iRET)
iOS Application Security Part 31 - The problem with using third party libraries for securing your apps
How to distribute IPA file for jailbroken devices
iOS Application Security Part 30 - Attacking URL schemes
GDB segmentation fault issue fix with jailbroken device
iOS Application Security Part 29 - Insecure or Broken Cryptography
iOS Application Security Part 28 - Patching iOS Application with Hopper
iOS Application Security Part 27 - Setting up a mobile pentesting environment with iOS 7 Jailbreak
iOS Application Security Part 26 – Patching iOS Applications using IDA Pro and Hex Fiend
iOS Application Security Part 25 – Secure Coding Practices for iOS Development
iOS Application Security Part 24 – Jailbreak Detection and Evasion
iOS Application Security Part 23 – Defending against runtime analysis and manipulation
iOS Application Security Part 22 – Runtime Analysis and Manipulation using GDB
iOS Application Security Part 21 – ARM and GDB Basics
iOS Application Security Part 20 – Local Data Storage (NSUserDefaults
iOS Application Security Part 19 – Programmatical Usage of Introspy
iOS Application Security Part 18 – Detecting custom signatures with Introspy
iOS Application Security Part 17 – Black-Box Assessment of iOS Applications using INTROSPY
iOS Application Security Part 16 – Runtime Analysis of iOS Applications using iNalyzer
iOS Application Security Part 15 – Static Analysis of iOS Applications using iNalyzer
iOS Application Security Part 14 – Gathering information using Sogeti Data Protection tools
iOS Application Security Part 13 – Booting a custom Ramdisk using Sogeti Data Protection tools
iOS Application Security Part 12 – Dumping Keychain Data
iOS Application Security Part 11 – Analyzing Network Traffic over HTTP/HTTPS
iOS Application Security Part 10 – iOS Filesystem and Forensics
iOS Application Security Part 9 – Analyzing Security of iOS Applications using Snoop-it
iOS Application Security Part 8 - Method Swizzling using Cycript
iOS Application Security Part 7 - Installing and Running Custom Applications on Device without a registered developer account
iOS Application Security Part 6 - New Security Features in iOS 7
iOS Application security Part 5 – Advanced Runtime analysis and manipulation using Cycript (Yahoo Weather App)
iOS Appllication Security Part 4 – Runtime Analysis Using Cycript (Yahoo Weather App)
Burpsuite Walkthrough
iOS Application security Part 3 - Understanding the Objective-C Runtime
iOS Application security Part 2 - Getting class information of iOS apps
iOS Application security Part 1 - Setting up a mobile pentesting platform
Ghost USB Honeypot Part 2 - Installing and running the honeypot
Ghost USB Honeypot Part 1- Interview with Project Leader Sebastian Poeplau
Backtrack 5 R3 Walkthrough part 4
Backtrack 5 R3 Walkthrough part 3
Backtrack 5 R3 Walkthrough part 2
Backtrack 5 R3 Walkthrough part 1
Defcon 20 Day 3 Review
Defcon 20 Day 2 Review
Defcon 20 Day 1 Review
A New DNS Exploitation technique - Ghost domain names
Circumventing NAT using UDP hole punching
Scanning the web with Ammonite
Inserting Vulnerabilities in Web Applications
w3af walkthrough and tutorial part 4 - w3af tools
w3af walkthrough and tutorial part 3 - Remaining plugins
w3af walkthrough and tutorial part 2 - Discovery and Audit plugins
W3af walkthrough Part 1
Defending the Internet with Project Meshnet
Timing Analysis Attacks in Anonymous Systems
Hacking Web Authentication – Part 2
Hacking Web Authentication – Part 1
KARMETASPLOIT
Abusing IP Protocols to Create Covert Channels when Penetration Testing
DNS Hacking - Beginner to Advanced

all tags