Category Archives: Web

Build nwjs12 for windows

Here is the list of steps to build nwjs12 for windows: Download https://src.chromium.org/svn/trunk/tools/depot_tools.zipSet up the path for depot_toolsgclientInstall VS 2013 community editionInstall Windows 10 SDKset DEPOT_TOOLS_WIN_TOOLCHAIN=0set GYP_DEFINES=”clang=0 nwjs_sdk=0 disable_nacl=1″set GYP_MSVS_VERSION=2013mkdir -p $HOME/nwjscd $HOME/nwjsgclient config –name=src https://github.com/nwjs/chromium.src.git@origin/nw12    Add this to .gclient    … Continue reading

Posted in browser, Chrome, Web, Windows | Tagged , , , | Leave a comment

Dealing with pcaps in windows using Fiddler/FiddlerCore

Many a times when we receive a pcap(especially exploit packs pcaps) for malware analysis purpose we had to do lot of manual work to load it in Fiddler and extract the objects and analyze those. While using windows, i depend … Continue reading

Posted in Malware, Malware Analyzer, Tools, Web, Windows | Tagged , , , , , , | Leave a comment

pcap2file using Suricata in windows/linux

There is no easy way to automatically extract the files from the PCAP(not PCAP-NG). We can use Suricata to extract the files (atleast whatever files transferred over HTTP). Here are the steps to configure and extract the files from the … Continue reading

Posted in Tools, Web, Windows | Tagged , , , , , | 1 Comment

FiddlerCOM

FiddlerCore is written in .Net. Most of the time when we needed to capture the traces using fiddler we had to start it manually. Here is the simple .Net code that you can use to automate this capture. using System;using … Continue reading

Posted in Fuzzing, IE, Web | Tagged , , , , | Leave a comment

Can we detect web injection attacks using 3D view ?

Today I got a chance to read one blog post on detecting web Injection attacks using 3D view. Just wanted to share this angle of looking for bug. Not sure how much this is going to be useful https://gist.github.com/3127271

Posted in Web | Tagged , | Leave a comment

Source Code Auditing – Candidate Point analysis – List of Regular Expression patterns

When we are tasked with manual code audit of a big source code base, we will get a quick result if we start with candidate point analysis. We can use regular expression patterns to find those quick issues initially. List … Continue reading

Posted in ASP.Net, C/C++, Code review experiance, Web | Tagged , , , , , | Leave a comment

WebKit/Chrome and “Search Engine” Provider

Search Engine can be added through multiple ways. You can add it through Javascript and Extension.User Agent also learns about the search engine provider through some logic. We will learn about all this in this blog. You can access the … Continue reading

Posted in Chrome, Web, webKit | Tagged , | Leave a comment