Amnpardaz Soft.

Introduction

Amnpardaz Software Company with experienced staff in security and with relying on their abilities and knowledge in security field has researched. The results can be classified into five major sections:

Review weaknesses of commonly used protocols
Discover vulnerabilities in web application
Discover new penetration ways
Reverse engineering
Discover vulnerabilities in security hardware

Review weaknesses of commonly used protocols

Generally, a protocol defines a set of rules for communication between devices so that devices will be compatible with each other. Today, protocols are foundation for all types of communication in virtual world. Given that these protocols are foundation of any relationship and that they are in bottom communication layers therefore; security is challenging in protocols. By this description, protocols serve an important role in computer security systems. Review of protocols is done from two perspectives:

Examine how to implement a protocol
Logic in a protocol

Discover vulnerabilities in web application

In web application penetration testing, familiarity with vulnerability in this style of programming is inevitable. In order to reach this goal, Amnpardaz Software Company has launched a web site “BugReport.ir” that publishes surveys about web applications (national and international). This site can be used by technical experts and other users such as web sites’ user and administrators, students in related fields. Due to programmers’ orientation of our country to ASP, APS.NET and PHP programming languages, company’s security unit focuses on these languages.

Discover new intrusion ways

Given the importance of security in world of computers, security experts and programmers of web application, are always trying to learn method to resolve these types of vulnerabilities in produced programs. To stay in this cycle, we require detecting new approaches and methods of intrusion. Security unit in Amnpardaz Software Company always sought to discover new ways in penetration because we believe we should always be on step ahead of others.

Reverse engineering

Sometimes existing applications are not applicable in institutes or in important and critical projects because of security issues. In these cases with use of reverse engineering, we achieve procedures and methods of the existing application and then implement it domestically.

In other areas such as malicious computer viruses and malware, reverse engineering knowledge is used to examine how they function and how they perform and their origin and destination. Reverse engineering is used to produce anti-virus and security programs and to track destructive factors that create a virus.

Discover vulnerabilities in security application

To improve security in computer systems, we are always required to use application such as anti-virus programs, fire walls, intelligent intrusion detection systems, security modules in web server level…but whether these applications are approved in terms of security? This is only achieved by applying new and existing methods to see how they are working. Sometimes logical errors are very dangerous than common errors. Security testing is another research activity in this company.

Discover vulnerabilities in security hardware

Today, increasing use of security hardware because of their features and capabilities is inevitable. Security hardware such as fire walls, intrusion detection systems, routers... although have much greater abilities compared to similar software, but because of their high cost of purchase, installation and support, they need to constantly prove their abilities. Certainly a person, company or an organization who purchases these equipments, want to receive considered performance. Therefore, investigation on this issue of whether this hardware can really answer our needs is possible with our experts in this field.