OUR
BLOG

09 Nov 2017

Insecure Direct Object Reference – a modern age SQLi

In the previous posts, we already covered the most critical vulnerabilities like XSS and SQL Injection as well as some moderate ones like CSRF. In this post, we will see how to test for vulnerabilities like Insecure Direct Object References also known as IDOR. So, what is IDOR actually? IDOR was considered to be the […]

Read more
24 Oct 2017

How to become a hacker in 10 mins?

Hey, welcome again everyone to this new blog post. This one is quite different from the other posts because in this post we will tell you how to become a hacker. Moreover, this post is mainly for people starting in the cyber-security field or someone who wants to learn how to hack after watching the […]

Read more
20 Oct 2017

Everything you need to know to find CSRF vulnerabilities

Welcome, everyone. In this post, we will look at another critical web application vulnerability. CSRF or Cross-Site Request forgery basically means that the application isn’t able to distinguish between the original request that a user sends or a forged request that an attacker makes a user send. The most important thing about CSRF attacks is […]

Read more
20 Oct 2017

SQL injection exploitation with and without SQLmap

Hey everyone. Welcome in this brand new tutorial in which we are going to look at “SQL Injection”, one of the most dangerous web application vulnerability considered by the OWASP Top 10. What really is SQL Injection? SQL injection flaws occur when untrusted data is sent to an interpreter as part of a command or […]

Read more
20 Oct 2017

3 must have tools for Penetration testers

Welcome folks. In the previous posts, we have been talking about web application penetration testing in depth. But in this post, we will look at the 3 most useful tools which many bug bounty hunters and penetration testers use for their daily testing and bug hunting. Why only 3 tools? This post is totally based […]

Read more
12 Oct 2017

How to approach for XSS hunting in a web application.

Hi, every security enthusiast out there. In this blog, we are going to tell you how to approach to find Cross-Site Scripting vulnerabilities in a web application. So what is XSS and why is it so dangerous? XSS or Cross-site scripting is a type of web application vulnerability. It is considered to be one of […]

Read more
06 Oct 2017

Pentesting a wordpress website using WPSCAN

Ever thought of quickly testing a WordPress website for known vulnerabilities and expired plugins or themes? Well, here is a blog on one of such fantastic tool $wpscan What is WordPress and why is it famous? WordPress is an online, open source website creation tool. It makes website creation super easy and is very user-friendly. […]

Read more
06 Oct 2017

5 nmap scans to help you in Penetration testing

Hi, everyone. In this post, we are going to discuss the 5 Nmap scans every penetration tester should add in their arsenal. So what is Nmap and why is it widely used? In simple terms, Nmap(Network Mapper) is a security scanner which is used to discover hosts and services on a computer network. It is […]

Read more

Want to know anything about Enciphers or how we work?