Penetration testing is performed on Win 7, Win Server 2008 and Ubuntu, with Kali as the attacker. All of the penetration testing is performed on virtual machines by creating a test lab environment with Win7, Win Server 2008 and Ubuntu on …
Network VAPT tools comparison: Network VAPT is the assessment procedure conducted by security experts on the user’s network to identify possible vulnerabilities that attackers might exploit. The primary objective of a network penetration test is to recognize …
Would you readily give your residential address to a stranger? No? Aren’t you extra cautious while opening an email from an unknown sender? Yes? Good! How about extending the same sense of protection to your smartphone while downloading apps? …
While providing consultancy on cyber security, I am often asked a question by a bank’s senior IT management — Why should our application VAPT be different from any other application VAPT? Isn’t it just a web app after all? I really …
I guess most of us know why vulnerability assessment and penetration testing needs to be performed for web apps or mobile apps. Lately I have been asked by IT product development companies to put together the most critical drivers …
Did you know that a mobile application, on average, has 9 vulnerabilities? Multiply that by the average number of installed applications (26.2) and you end up with an average of 235.8 vulnerabilities. In simple words, there are 235.8 ways …
We all know that there are 3 distinct pillars of software testing – functional testing, security testing and performance testing. There are multiple tools out there to make a tester’s life easy. While these automations are important, there are few …
The year 2018 was full of cyber-attacks, and the most serious news was about well-orchestrated cyber-attacks on the banking industry. No matter how much awareness is generated, unfortunately the banking industry seems to be waking up only upon hearing about an attack …
Test cases for SQL Injection via ORM Sink: What is an SQL injection? SQL injection (SQLi) is one of the top OWASP application security weaknesses; it allows attackers to inject into, and gain control of, an application’s database and …
Steps: I used a vulnerable website (http://testhtml5.vulnweb.com/#/popular). a) Pre-settings to be done; b) Go to the vulnerable website; c) Do Forget password: I have used Burp Suite to intercept the data; generated a request to generate a new password; …