Access Control Vulnerabilities
This blog aims to understand and demonstrate different access control vulnerabilities. The flow here will start with the theoretical explanation of what access control is…
How to Simplify Security with Cybersecurity Mesh Architecture (CSMA)?
Due to the trend of digital acceleration and different workforce options (hybrid and work from anywhere), and the fact that so many employees are now…
Exploit Kits: Attackers Preferred Exploitation Tools
Exploit Kits: Overview Cybercrime was once the domain of a tiny handful of people with excellent technical skills who leveraged their abilities for malicious acts….
Using SecLists for Penetration Testing
Introduction to SecLists Seclists is something that comes very handy to a pen tester. The simple reason is, it has a collection of all the…
Application Security: Risks and Best Practices
Applications play a crucial role in our lives as we use them for various useful purposes, ranging from shopping, interacting with people, managing finances, etc….
Security Threat Intelligence Standards – STIX and TAXII
Introduction: Security Threat Intelligence Standards (STIX and TAXII) make day-to-day SOC operations go uninterrupted with a shared strategy that provides a collaborative response to cybersecurity…
Code Injection Vulnerabilities
Introduction to Code Injection Vulnerabilities Code injection is an attack where the attacker tries to inject a code that can be interpreted and executed by…
Web Cache Poisoning DoS Attack
The Web Cache Poisoning DoS Attack, also known as CPDoS. It is a type of DoS attack that primarily relies on the webserver’s cache mechanism….
NoSQL Injection Vulnerability
In this blog, we will be discussing the NoSQL Injection Vulnerability and its exploitations scenarios. Before getting into the details of NoSQL injections, let us…
Hibernate Query Language (HQL) Injection
HQL is the abbreviation for Hibernate Query Language. Hibernate can be classified as ORM or Object-Relational Mapping. It maps class definitions with similar SQL tables that…
Categories
- Android Security (19)
- Application security (1)
- Authentication & Authorization (23)
- Blockchain Security (1)
- Bug Bounty (2)
- BYOD (5)
- Case Study (29)
- Chatbot Security (1)
- Cloud Security (14)
- Containerization Security (1)
- Corporate Training (6)
- Cyber Attack (34)
- Cybersecurity Frameworks and Solutions (3)
- Data Breaches (35)
- Data Leakage (27)
- Data Privacy (29)
- Email Phishing (8)
- Encryption & Cryptography (14)
- Ethical Hacking (19)
- General (42)
- Governance Risk & Compliance (8)
- iOS Security (2)
- IOT Security (7)
- Java Security (2)
- Mobile Application Security (19)
- Mobile Device Management (10)
- Network Pentesting (9)
- News (48)
- Password Security (10)
- Past Events (8)
- Patch Management (3)
- Ransomware Attack (14)
- Reverse Engineering (3)
- Secure SDLC (5)
- Security Advisory (34)
- Security Best Practices (43)
- Security Hardening (38)
- Social Engineering Attack (10)
- Social Networking Security (5)
- Source Code Review (2)
- SPAM (2)
- Student Oriented Courses (2)
- Thick Client Penetration Testing (4)
- Unix/Linux Security (1)
- Upcoming Events (3)
- Viruses & Malware (16)
- VoIP Penetration Testing (4)
- Vulnerability Disclosure (21)
- Web Application Security (34)
- Windows Mobile Security (1)
- Zero Day Attack (8)