Hello, my hacker friends and the whole security community out there. We have discussed a whole lot of random topics previously and we do guess that you people must have learned a lot from there. But today, we thought of doing something different and guess... Read more »
Blog
Injection Attacks
Hey everyone to this new post on Injection attacks. We had already discussed the SQL Injection attack in one of our previous posts. Since SQL Injection was a big topic, we discussed it separately. Take a look at that post here. In this post, we are going... Read more »
Common security issues in Authentication – Part 2
Welcome everyone to this second and final post of authentication testing series. In the first part, we saw the 4 major testings that should be kept in mind as a tester. But there are others also, which can pose danger if not tested properly. Let’s... Read more »
Common security issues in Authentication – Part 1
Hey, everyone. This topic of authentication testing will actually be divided into two posts as it is quite a long topic and we have to share quite a things with you all. So, in this first post, we will tell you about one of the most common vulnerability... Read more »
Using Google for hacking and GHDB
So the title of this post looks quite catchy? Isn’t it? But be assured because yes we will really hack Google “Search” not only for the sole purpose of helping us in penetration testing but also to learn how to make our searches fruitful.... Read more »
BurpSuite – Swiss Knife for penetration testers
Welcome back everyone to this very new blog post. There are so many different tools and applications for pentesters but did you ever think which is the most loved one amongst them? Yes, there are so many like Nmap, Zap, Hydra, Nessus, and many others.... Read more »
SSL/TLS security testing
Did you ever think why some websites use http:// and some use https:// in the URL address? For example, why websites like Amazon and Facebook have addresses https://www.amazon.in/ and https://www.facebook.com instead of http://www.amazon.in and http://www.facebook.com? How... Read more »
Insecure Direct Object Reference – a modern age SQLi
In the previous posts, we already covered the most critical vulnerabilities like XSS and SQL Injection as well as some moderate ones like CSRF. In this post, we will see how to test for vulnerabilities like Insecure Direct Object References also known... Read more »
How to become a hacker in 10 mins?
Hey, welcome again everyone to this new blog post. This one is quite different from the other posts because in this post we will tell you how to become a hacker. Moreover, this post is mainly for people starting in the cyber-security field or someone... Read more »
Everything you need to know to find CSRF vulnerabilities
Welcome, everyone. In this post, we will look at another critical web application vulnerability. CSRF or Cross-Site Request forgery basically means that the application isn’t able to distinguish between the original request that a user sends or... Read more »
SQL injection exploitation with and without SQLmap
Hey everyone. Welcome in this brand new tutorial in which we are going to look at “SQL Injection”, one of the most dangerous web application vulnerability considered by the OWASP Top 10. What really is SQL Injection? SQL injection flaws occur... Read more »
3 must have tools for Penetration testers
Welcome folks. In the previous posts, we have been talking about web application penetration testing in depth. But in this post, we will look at the 3 most useful tools which many bug bounty hunters and penetration testers use for their daily testing... Read more »