Comma separated vulnerability also known as Formula Injection/csv injection. Introduction: This document demonstrates the CSV injection a technique for exploiting “Export to Spreadsheet” functionality. While working on some project, I have found this vulnerability in one of the Microsoft’s product i.e. CRM – Customer Relationship Management What is CRM? : It is a product by […]
Introduction Compliance to the ISO 27001 standard and associated controls helps an organization to understand information security risks and develop an information security management system (ISMS) in order to address the risks identified. The ISO 27001 implementation process aims to provide management an intuitive understanding of information security. However, management also requires answers to the […]
In this article we will learn on how to do the forensic of USB devices, how to correlate the USB device with the drive letter and how to see at what time the USB device was plugged in and plugged out. This article may be very useful for the military forces as they can easily […]
by Kush Wadhwa, NII Consulting Are you working as a cyber crime investigator and looking for something which can prove in court of law that there was some pornographic content on the suspect’s machine? Let me help you out in this case.There is a file with a name “thumbs.db” which is automatically generated by Windows […]
by Kush Wadhwa, NII Consulting There are times when you don’t have sufficient tools to understand the file system. At that time your knowledge in field of digital forensics will play a crucial role. In this article we will study a volume boot sector format of FAT32 file system and will see how to take […]
by Kush Wadhwa, NII Consulting Have you ever thought of what happens when you hit the delete button? Delete: When we simply delete a file we are throwing that file in the recycle bin of that particular volume. For example, if file resides in C: drive having FAT32 as file system and we delete a […]
by Kush Wadhwa, NII Consulting In this article I will cover the basic concepts of NTFS file system. In NTFS (New Technologies File System) all important data like the basic file system administrative data are stored in a file and these files can be stored anywhere in a particular volume. These files don’t have reserved […]
by Chetan Gupta, NII Consulting Many a times as an investigator, I have to deal with the issue of carving data from unallocated spaces in a partition. There are many commercial data carving tools such as Encase, Winhex, Accessdata FTK, DataLifter, ILookInvestigator. Well, I have tried most of these and must say most of them […]
by Chetan Gupta, NII Consulting Well, last week was abuzz with activity when we had to recover data from a corrupt Linux hard disk. Thought it would be pretty easy but as soon as I loaded the hard disk, I knew something was amiss.
By Kush Wadhwa, NII Consulting Have you ever thought of hiding data in such a manner that it cannot be deleted even after the hard disk is formatted? Well, in this this article , we’ll look at just that; we will see how you can hide and unhide crucial data on your hard disk. The […]
