Tutorials

Subdomain Bruteforcing with SubBrute

SubBrute is one of the most popular sub-domain brute forcing tool through which we can easily enumerate the best possible sub-domains of any domain along with all DNS records. It is one of the fastest sub-domain enumeration tool based on python language. The best thing about SubBrute is that, it uses open resolvers as a […]

Tutorials

Apache Server Hardening – Kali Linux 2017

The Apache Web server is a remarkable piece of software. The basic package distributed by the Apache Software Foundation is quite complete and very powerful, and a lot of effort has gone into keeping it from suffering software bloat. One facet of the package makes it especially remarkable: it includes extensibility by design. Apache is the dominant […]

Tutorials

Simple Tips to Prevent SQL Injection Vulnerability

As seen from the previous articles, SQL injection has the ability to attack a web server database, compromise critical information, and expose the server and the database to a variety of malicious exploits; however, there are measures that can be applied to mitigate SQL injection attacks. Use of these practices does not guarantee that SQL […]

Articles

The Top Security Vulnerabilities

Unvalidated data Never trust anything you get from a Web browser. The browser is completely outside of your control, and it’s easy to fake values like the HTTP referrer. It’s also easy to fake a hidden field in a form. More importantly, when dealing with forms, for example, validate the data carefully. Use a “deny all, […]

Articles

Top 10 Bluetooth Threats which you need to know

Although Bluetooth is extremely convenient for short-range wireless data transfers, it also has several security risks if not configured and used securely. Following are some of the common Bluetooth threats: 1. Loss of personal data : An attacker can exploit existing Bluetooth vulnerabilities to steal personal and confidential data like contacts, SMS (Short Message Service […]

Articles

Mitigations for Common Web Application Flaws

The most prominent components of web applications that intruders will first seek to exploit are vulnerabilities within the web platform. The web platform commonly includes: Web server software (such as IIS or Apache). Extensions to the web server, such as ISAPI filters and extensions, or Apache modules. Dynamic execution environments like ASP.NET, PHP, and J2EE […]

Articles

Web Application Hacking Methodology

Web application hacking is not just about using automated tools to find common vulnerabilities. It is indeed a methodological approach that, if followed, would help reveal many more flaws and potential security vulnerabilities. The following section describes the systematic approach and process to be followed for testing the security of web applications. 1. Analyzing web applications The […]

Articles

Top 5 Components of an Android Application

From an end-user perspective, an Android application may appear as a simple standalone application. However, any Android application consists of many components that work in the background to accomplish the given task. Android is a free and open operating system from Google that runs on all kinds of devices from phones, to tablets and even televisions. […]

Articles

Top 6 Symptoms of an Intrusion

Whenever there’s an intrusion into a system (human or malware), it makes a lot of changes in various parts of the affected system. The intrusion might create new files or delete existing ones, change Registry entries, modify user accounts, and so on. Following are some of the signs of a possible intrusion: 1. Login failures for valid […]