+91 840 8891 911

AWS - Pentesting

AWS Pentesting – Part – 1

Nowadays, we have experienced many data breaches exposing different vulnerabilities like s3 buckets, compromised AWS cloud environments, and many more ...
Read More
Setting up the Malware Analysis Lab


In the previous blog, we have got a basic idea about Malware like what is malware, its behavior, types, and ...
Read More
HTTP Parameter Pollution

HTTP Parameter Pollution

The parameter enables pages to load data from the back-end e.g., ID, search query. They make websites more interactive to ...
Read More
Websocket Overview

Communication Protocol – WebSocket Overview

What is a WebSocket? WebSocket is a Client-Server Bidirectional Communication protocol initiated over HTTP. WebSockets are used where there is ...
Read More
Information Security Management System (ISMS

Introduction to Information Security Management System (ISMS)

What is an Information Security Management System ? An Information Security Management System (ISMS) is a set of policies and ...
Read More
HTTP (1)

HTTP Request Smuggling

What is HTTP Request Smuggling? HTTP Request Smuggling is a vulnerability that takes advantage of the misconfiguration in parsing one ...
Read More
RISK Management

Risk Management

Every organization conducts risk assessment and mitigation in order to identify risks and minimize their impact via risk mitigation. However, ...
Read More

Misconfigured Cross-Origin Resource Sharing (CORS) Risk

The Cross-Origin Resource Sharing (CORS) is a mechanism to relax the Same Origin Policy (SOP) and to enable communication between ...
Read More
Database Configuration Audit for Security and Compliance

Database Configuration Audit for Security and Compliance [Part-1]

Database Configuration Audit is the latest buzz word everyone is talking about and every organization wants to revamp their databases ...
Read More
Json web token JWT Attack

Json web token (JWT) Attack – Most Common Scenarios

What is a JSON web token (JWT)? A JSON web token (JWT) token is an open standard which defines the ...
Read More
PA-DSS Expires by 2022

PA DSS V 3.2 to SUNSET by 2022

About PA DSS Formerly known as the Payment Application Best Practices (PABP), the Payment Application Data Security Standard (PA-DSS) is ...
Read More
PRIVACY now to be a fundamental right in INDIA

Privacy Now to be a Fundamental Right in India

Electronic data protection in India is currently governed by the Indian penal code, the information Technology Act 2000 – IT ...
Read More

How we are successfully managing & delivering the Cybersecurity Services during COVID-19 situation?

By now, we all already went through COVID pandemic’s first wave. The second wave has started hitting the world. Though ...
Read More
Web Cache Poisoning – Through Host Header Injectio

Web Cache Poisoning – Through Host Header Injection

To understand the concept of web cache poisoning first we have to understand what web cache is and why it ...
Read More
Apache Struts-2 RCE

Apache Struts-2 Exploited to Remote Code Execution

This blog is to describe my finding on a web-based application which is a very well-known vulnerability found on Apache ...
Read More
Subdomain takeover

Subdomain Takeovers – CNAMEs And Cloud Services

Introduction A Subdomain Takeovers A Subdomain takeovers, you guessed it - refers to the hostile takeover of a subdomain by ...
Read More