OWASP TOP10 2017
The new OWASP TOP10 classification was updated with the latest trends in information security and web application security. Some points were removed, and some new ones were added or merged into one. Below we can see...
What is penetration testing
Many companies without their own security department or competencies ask what penetration testing is and why it is needed. First of all, I propose to sort out the question – what is it all about?...
BlackWidow
BlackWidow is a Python-based web application spider that gathers subdomains, URLs, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer...
Quick Vulnerability Assessment of Web Application & Server
Today we are going to emulate a quick and simple vulnerability assessment of our web application with the help of some open source security tools. The list of tools we are going to use is available below: Google &...
Vulnerability Assessment
A vulnerability assessment is the process of defining, identifying, classifying and prioritizing vulnerabilities in networks and computer systems, applications and databases and providing the...
Automated recon tool with PHP, cURL, wafw00f, WhatWeb, Whois
Recon (Reconnaissance) – The act of gathering important information on a target system. This information can be used to better attack the target. For example, open source search engines can be used to...
Vega
Vega is a free and open source web security scanner and web security testing platform to test the security of web applications. Vega can help you find and validate SQL Injection, Cross-Site Scripting...
Black Box Penetration Testing Tips & Tricks
Let’s quickly walk through some interesting and useful tricks for penetration testing with the black box model approach. This article is oriented mostly toward the external type of pentesting where you have steps...
Effective Network Scanning Tools
What is network security? First of all, let’s try to understand what network security is, and in the next step we are going to list and discuss security tools for effective network security scanning. As...
2019’s Most Common IoT Security Threats to Consider
Being used in hitherto unheard-of sectors, IoT is gaining momentum day in, day out! Because of this, more and more companies are jumping on the IoT bandwagon with various point solutions and capabilities....
Useful tools for OSINT
What is OSINT? Open Source Intelligence, or “OSINT,” was defined by the Department of Defense (DoD) as “produced from publicly available information that is collected, exploited, and disseminated in a...
Someone asked to share UpWork account
Over the past couple of years, there have been more frequent cases of requests to provide access to an UpWork account for money. Usually people ask to be given such access as some kind of rent...
TPM-FAIL Vulnerabilities Threaten PCs, Laptops, Servers, and Other Devices
A joint group of researchers from the Worcester Polytechnic Institute (USA), the University of Lubeck (Germany) and the University of California at San Diego (USA) revealed details of two problems,...
Penetration Testing for GDPR
What is GDPR? The General Data Protection Regulation (GDPR) is focused on the personal data of citizens within the European Union. GDPR is often viewed as having two primary goals within the EU and...
Weapons of mass delusion: 10 simple recipes for successful social engineering
What is social engineering? Social engineering, in the context of information security, is the psychological manipulation of people into performing actions or divulging confidential information. This...
Details disclosed for four 0-day vulnerabilities in IBM Data Risk Manager
Agile Information Security’s lead researcher and a well-known bug hunter regularly involved in hacking events such as Pwn2Own, Pedro Ribeiro, has posted on GitHub the details of four zero-day...
15 tips to protect against spying on your smartphone
Mobile phones have long been an integral part of our personal space. However, with the growing number of cyber crimes and the popularity of third-party applications, the confidentiality of data...
How to use torrents safely and legally
Torrents work on P2P technology: there is no central server or repository, and all network participants have the same rights and can download files from dozens (or hundreds) of other computers. With...
VBulletin fixed a dangerous vulnerability
VBulletin developers encouraged everyone to update their installations as quickly as possible. The fact is that a critical vulnerability has been fixed in the forum engine. Let me remind you that...
Top online courses to improve Python skills
Python is one of the most popular general-purpose high-level programming languages. Due to its fairly simple syntax, flexibility, and scalability, as well as an active global community, it is of great...