Security DB

With an aim to address rapidly evolving spectrum of cyber threats , We are continuosuly working and developing huge vulnerability and security repository that keep track of all recently released exploits changing the way analysts share and research threat intelligence. Keep your vulnerability database updated with CDI's repository of latest exploits.

Security Audit

Our Web Application Pentest ( WAP) attempts to address the Owasp top 10 & SANS top 20 web application vulnerabilities and other exploitable loopholes of your web application . Along with it our WAP team also test web applications for Business logic flaws that can directly or indirectly effect the functioning of application.


We are here to help you solve your biggest query- where and how to start? CDI has brought various courses in Ethical Hacking in Chandigarh where all you technology lovers will be given the much needed push to move forward and create a niche for yourself in the field. From Beginner to Expert lever we have many kinds of training patterns.

Call Us : +91-771045-0011 | +91-771045-0022

Forget the $120 IP Box tool, now you can download free tool for brute-forcing iPhone from GitHub. A famous iOS Hacker Majd Alfhaily has released a brute-force tool for iPhones and IPads named Translock. According to Majd, Translock uses the same technique as used by IP Box to bypass the blockage after 10 failed attempts for PIN. Translock works for Jailbroken iOS Devices only, in order to gain unsigned code execution privilege. Majd wrote a code for this brute-force attack, tha

After a huge controversy over Super fish Adware fiasco in Lenovo laptops, another story is in the market. Tom Forbes, an independent researcher, has written blog revealing a backdoor present in "Dell System Detect" software. According to Tom Forbes, Dell System Detect software has a critical flaw that lets an attacker to remotely attack a user by drive by download technique and execute arbitrary file without user consent. This Remote Code Execution vulnerability in Dell System Detect

PaloAlto Networks discover Vulnerability in Android Installer which may lead to hijacking of Android and expose users to Malware installation without their consent. Malware Distribution has always be the favorite work of Cybercriminals to attack the users and get money out of it. Whether Banking malware or whether System malware, each of them have same target - making money for their author. Malware are spread by their authors in various ways. Everyday Researchers discover these new ways cybe

An independently working group of Portuguese Security researchers called WebSegura, has released a Proof-of-concept showing how Instagram can be exploited to spread Malware to the Instagram users. David Sopas, one of the researcher from the group, have found a RFD (Reflected Filename Download) Vulnerability in Instagram API which can lead to serious damage. This bug is present in the Instagram API and by simply entering batch commands to create reflected filename download link, a series o

Remember few months back a report was published by researchers at University of Georgia revealed technique to hack Air-Gapped systems using side channel signals. This time Israeli researchers atBen Gurion University have got a way to steal data from computer just by using the heat generated by it and computer's built-in thermal sensors. The technique would allow the cybercriminals to access the system of victim even without Internet! The heat emissions from the victim's PC can be used

Researchers at Symantec have found a new and upcoming RAT (Remote Access Tool), which is freely available in black market and cybercriminals are ready to do their hands dirty using it to the fullest. The latest RAT called NanoCore, identified as Trojan.Nancrat by Norton, was previously available in underground market at a Price of 25 USD. But a report reveals that the a cracked version of the NanoCore RAT is now available freely. Symantec emphasised on "humans tendency to incline

OpenSSL project, today, fixed a dozen of High-Severity rated Vulnerabilities including the recently discovered FREAK Vulnerability, allowing users to get down to an encryption which can be cracked easily. OpenSSL released a security advisory listing 12 Vulnerabilities out of which the top one is the "ClientHello sigalgs DoS (CVE-2015-0291)" Vulnerability. It is basically a Denial-Of-Service attack exploit vulnerability, under which if a user connects to an OpenSSL server and re

In January the researchers at Qualys reported a serious vulnerability in Linux systems worldwide dubbed as GHOST Vulnerability. Again the researchers at Qualys have presented an Exploit available for Successful exploitation of GHOST Vulnerability. Researchers released a standalone Metasploit module exploiting the GHOST Vulnerability remotely. According to the researchers, the module provided for the demonstration purpose, enables Metasploit to get the terminal access, i.e. remote code ex

Authy, a Twilio Inc. product, is a service that aims to better protect data online with two-factor authentication. But the researchers at Sakurity have come up with a vulnerability that lets you bypass 2-Factor Authentication for Authy by just typing in something as simple as "../sms" keyword in the token field. According to the researchers, the attacker can bypass 2-factor authentication on any website whether it's Google, Facebook, Twitter or any other. But

Is Apple Trolled? Is it the way they are gonna sell their new Macs? Already Apple watch have been a laughingstock on Internet and also with an ASUS infographic, it added gasoline to fire. Similarly, for the New Macbook a lot of negative reviews are being spread on social media sites, YouTube and Venturebeat also made a review. But keeping them all aside, we are more focussed on a user's security. Apple never compromise on this part, as it seems to be from their multi-billion dollar R&