How to pentest e-commerce website Setting up an E-commerce system is a complex process. As a retailer, protection and customer privacy must be at the top of your agenda. To maintain the integrity of the E-commerce system, Read more…
CSRF Attack For Banking Apps Cross-site request forgery vulnerability is currently ranked Number 8 on the OWASP Top 10 vulnerabilities chart and is a very common application-layer vulnerability to exploit. It’s also known as a one-click attack, Session Riding and abbreviated as CSRF Read more…
Cloud Star Certification for Cloud Services Providers 1. What is CSA STAR Certification? CSA STAR Certification is a unique new scheme developed to address specific issues relating to cloud security as an enhancement to ISO/IEC 27001. Whilst ISO/IEC 27001 standard is Read more…
Cloud Application Pentesting With the growth of cloud computing, penetration testing is becoming a bit difficult to carry out due to the shared responsibility model. Cloud computing brings the concept of shared ownership to penetration testing. We will discuss here about the cloud, as well as Read more…
Basic of IoT Security Threat Modelling The Internet of Things, or IoT as we call it, can be treated as interrupting the interruption. IoT where all the non-humans are both clients as well as servers is Read more…
RCIE Course Modules: 3.9 Wireless Security Devices Compliance What are wireless security protocols? Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), Wi-Fi Protected Access 2 (WPA2), and Wi-Fi Protected Access 3 (WPA3) are security protocols developed to secure computer networks. Read more…
WEB APPLICATION VULNERABILITY Web application vulnerabilities are some of the most common flaws leading to modern data breaches. These are not limited to XSS (Cross-Site Scripting) and SQL injection. Application Vulnerability – Software system flaws or weaknesses in an application that Read more…
Vulnerabilities in Ruby-on-Rails Framework & How to prevent it: Ruby-on-rails—it’s modular, easy-to-read, and broadly supported by legions of loyal developers. Many of the world’s most trafficked websites have relied on Rails to deliver scalable and highly available web services. As Read more…
Vulnerabilities in Play Framework HttpOnly cookie bypass (CVE-2015-2156) Description: A vulnerability has been found in Play’s cookie handling code that could allow an attacker to bypass the httpOnly flag on sensitive cookies. Impact: Any Play apps that reflect cookie values back Read more…