CRLF Injection
Before going into details on what CRLF injection is, how to find and perform it, and what are the measures one should take from this to…
AWS Pentesting – Part – 1
Nowadays, we have experienced many data breaches exposing different vulnerabilities like S3 buckets, compromised AWS cloud environments, and many more, so to avoid this it is…
MALWARE ANALYSIS – PART 2 (SETTING UP THE LAB)
In the previous blog, we got a basic idea about malware: what malware is, its behavior, its types, and a brief introduction to Malware…
HTTP Parameter Pollution
Parameters enable pages to load data from the back-end, e.g., an ID or a search query. They make websites more interactive to the back-end as well as…
Communication Protocol – WebSocket Overview
What is a WebSocket? WebSocket is a Client-Server Bidirectional Communication protocol initiated over HTTP. WebSockets are used where there is continuous streaming of data over…
Introduction to Information Security Management System (ISMS)
What is an Information Security Management System? An Information Security Management System (ISMS) is a set of policies and procedures for managing organizational confidential…
HTTP Request Smuggling
What is HTTP Request Smuggling? HTTP Request Smuggling is a vulnerability that takes advantage of the misconfiguration in parsing one or more HTTP devices or…
Risk Management
Every organization conducts risk assessment and mitigation in order to identify risks and minimize their impact via risk mitigation. However, risk assessment is highly crucial…
Misconfigured Cross-Origin Resource Sharing (CORS) Risk
Cross-Origin Resource Sharing (CORS) is a mechanism to relax the Same Origin Policy (SOP) and to enable communication between websites served on different domains,…
Database Configuration Audit for Security and Compliance [Part-1]
Database Configuration Audit is the latest buzzword everyone is talking about, and every organization wants to revamp their databases to produce and store a…