Welcome everyone to this second and final post of authentication testing series. In the first part, we saw the 4 major testings that should be kept in mind as a tester. But there are others also, which can pose danger if not tested properly. Let’s... Read more »
Blog
Common security issues in Authentication – Part 1
Hey, everyone. This topic of authentication testing will actually be divided into two posts as it is quite a long topic and we have to share quite a things with you all. So, in this first post, we will tell you about one of the most common vulnerability... Read more »
Using Google for hacking and GHDB
So the title of this post looks quite catchy? Isn’t it? But be assured because yes we will really hack Google “Search” not only for the sole purpose of helping us in penetration testing but also to learn how to make our searches fruitful.... Read more »
BurpSuite – Swiss Knife for penetration testers
Welcome back everyone to this very new blog post. There are so many different tools and applications for pentesters but did you ever think which is the most loved one amongst them? Yes, there are so many like Nmap, Zap, Hydra, Nessus, and many others.... Read more »
SSL/TLS security testing
Did you ever think why some websites use http:// and some use https:// in the URL address? For example, why websites like Amazon and Facebook have addresses https://www.amazon.in/ and https://www.facebook.com instead of http://www.amazon.in and http://www.facebook.com? How... Read more »
Insecure Direct Object Reference – a modern age SQLi
In the previous posts, we already covered the most critical vulnerabilities like XSS and SQL Injection as well as some moderate ones like CSRF. In this post, we will see how to test for vulnerabilities like Insecure Direct Object References also known... Read more »
How to become a hacker in 10 mins?
Hey, welcome again everyone to this new blog post. This one is quite different from the other posts because in this post we will tell you how to become a hacker. Moreover, this post is mainly for people starting in the cyber-security field or someone... Read more »
Everything you need to know to find CSRF vulnerabilities
Welcome, everyone. In this post, we will look at another critical web application vulnerability. CSRF or Cross-Site Request forgery basically means that the application isn’t able to distinguish between the original request that a user sends or... Read more »
SQL injection exploitation with and without SQLmap
Hey everyone. Welcome in this brand new tutorial in which we are going to look at “SQL Injection”, one of the most dangerous web application vulnerability considered by the OWASP Top 10. What really is SQL Injection? SQL injection flaws occur... Read more »
3 must have tools for Penetration testers
Welcome folks. In the previous posts, we have been talking about web application penetration testing in depth. But in this post, we will look at the 3 most useful tools which many bug bounty hunters and penetration testers use for their daily testing... Read more »
HACKING IOS APPLICATIONS, LIKE A PRO – Registrations Open
Intro Can you guess an attack surface, which is constantly moving, connecting to several different wifi, stores user critical information and is still highly insecure? Well the answer is,... Read more »
How to approach for XSS hunting in a web application.
Hi, every security enthusiast out there. In this blog, we are going to tell you how to approach to find Cross-Site Scripting vulnerabilities in a web application. So what is XSS and why is it so dangerous? XSS or Cross-site scripting is a type of web... Read more »