Ongoing Projects

1. Permission Analysis of Frequently Used Mobile Applications via Reverse Engineering (Domain - Security Testing)

2. Detection of Malicious Emails in Android Smartphones (Domain - Security Testing)

3. Automatic Security Assessment tool for Online Internet Banking (Domain - Security Testing)

3. Automatic Security Assessment tool for Online Internet Banking (Domain - Security Testing)

4. Tool for Automated Penetration Testing (Domain - Security Testing)

5. An effective tool for web application defacement (Domain - Security Testing)

6. Security of smart logistics and intelligent container (Domain - Secured IoT Devices)

7. Blockchain based system for record keeping (Domain - Blockchain Security)

8. Proof of Pseudonym: Blackchain-based Privacy Preserving Protocol for Intelligent Transport System (Domain - Blockchain Security)

Project Completed/Tools Developed

1. Automated Tool for Security Asset Classification (ATSAC)

Version: V 1.0

ATSAC provides an organization a detailed overview about the security requirements for their assets and to prioritize their assets for security testing by providing them a detailed report.

Silent Features:

  • Can be utilized in any phase of the development lifecycle.
  • Used to assess the security of a single application or classify multiple applications based on their security posture.
  • Is customized, an organization can set the tool parameters according to their requirements.

Download Code:

Download JAR File:

Demo:

2. ISSL-Testbed for Web Application Vulnerabilities (ISSL-Testbed)

Version: V 1.0

ISSL-Testbed is deliberately insecure web application used for training/practice and development of vulnerability testing tools and techniques in controlled environments. Currently, the testbed contains most of the injection vulnerabilities such as SQL injection, XML injection, XSS, XPaths, JSON injection, etc. Other types of vulnerabilities will be included in the next version of the testbed.

Silent Features:

  • A free and open-source testbed.
  • Helps security enthusiasts, developers, and students to discover and to prevent web vulnerabilities.
  • Prepares one to conduct successful penetration testing and ethical hacking projects.
  • Used to test or evaluate the developed tool for the particular vulnerability included in the testbed.

Download Code:

Demo:

3. Evolutionary Algorithm based Vulnerability Detection Tool (EAB-VDT)

Version: V 1.0

EAB-VDT is purely based on evolutionary algorithm (EA) to generate effective testcases for the following vulnerabilities and detect them in an adequate time.

  • JSON Injection
  • XML Injection
  • Cross Site Scripting
  • SQL Injection

Silent Features:

  • Utilizes evolutionary testing technique for effectiveness and efficiency.
  • The gray-box approach of the tool allows for precise & accurate results.
  • It is available in one complete module which contain all the above-mentioned vulnerabilities.
  • The tool is also available in a single vulnerability module.

Download Code:

Download JAR File:

Demo:

4. Smart Container (Smart Logistics)

Version: V 1.0

Smart Container is based on the integration of IoT technology with logistic modules.The container is used to securely transmit information of environmental parameters inside a container during land or sea transportation to ensure confidentiality and integrity of the transmitted data.

Silent Features:

  • Trust-based model categorizes IoT devices into either Entity-Oriented Trust Model (EOTM), Data-Oriented Trust Model (DOTM), Combined Trust Model (CTM).
  • The proposed framework used in the container outperforms random nodes placement scenarios by using percentage increase rule.
  • Random and Interval based scans on nodes ensure a secured.
  • Identification of Malicious nodes based on Multi-criteria decision mechanism.

Download Code:

Demo:

5. Supply Chain Management Application (Blockchain-SCMA)

Version: V 1.0

A decentralized approach to a Management Information System (MIS). Keeps track of every step or movement of products by using blockchain technology to identify the origin of an item and tracking its path from its source to destination. Provides easy to use and modern interface for all stakeholders.

Silent Features:

  • Provides provenance of individual products and tracking its path from its source to destination.
  • The value of luxury items such as diamonds, works of art, and more depend in large part on their history.
  • The application has been developed for the gems and jewels industry, as well as for perishable food products.

Download Code:

Demo:

6. Pseudonym based Anonymous Chat Application (Chapp)

Version: V 1.0

Chaap is pseudonym based anonymous chatting application focused on privacy and secrecy of chats. Chaap provideds as a basic application platform for organization which will further be customized depending on the organizational requirements i.e., file sharing mechanisms, notifications system mechanism etc.

Silent Features:

  • Deliver confidential messages in a private, secure and anonymous manner without being stored on any central party.
  • Confidential messages to be sent only if the user is online.
  • Use of Pseudonym instead of real identity. Pseudonym can not to be traced backed to the original user.
  • Application maintenance service is also available.

Download Code:

Demo: