In today’s digital age, cybersecurity has become a critical field, essential for protecting information and systems from ever-evolving threats. Whether you’re a beginner looking to break into the industry or an experienced professional…
As companies adopt new digital technologies, the possibility of being targeted by cyber-attacks increases. Increasing network complexity through digital innovation often creates unique network differences that cyber attackers can take advantage of. If…
Designing the database is a key step, largely because changes to the database at a later date have far larger implications and potential complications than changing any other aspect of the site. Adding functionality through…
The information security environment has changed vastly over the years. Now, in spite of having security policies, compliance, and infrastructure security elements such as firewalls, IDS/IPS, proxies, and honeypots deployed inside every organization, we hear…
The “HOST” header is part of the HTTP protocol. Vulnerable applications are vulnerable because they insert the value of this header into the application code without proper validation. This means not only applications…
Burp Suite is an intercepting HTTP proxy, and it is the de facto tool for performing web application security testing. Burp is highly functional and provides an intuitive and user-friendly interface. Its proxy function…
About a year ago, Mozilla added a new feature, “Captive Portal” support, to the Firefox browser in an attempt to enhance usability when connecting to free Wi-Fi portals. The Captive Portal feature covers the detection…
Hack The Box is an online platform allowing you to test your penetration testing skills and exchange ideas and methodologies with other members of similar interests. It contains several challenges that are constantly…
For those who are interested in learning how to do penetration testing, many tools and operating systems are available, but very few targets to practice against safely – not to mention…
As seen from the previous articles, SQL injection has the ability to attack a web server database, compromise critical information, and expose the server and the database to a variety of malicious exploits;…
The most prominent components of web applications that intruders will first seek to exploit are vulnerabilities within the web platform. The web platform commonly includes: Web server software (such as IIS or Apache)….
The questions and answers below are designed to measure your understanding of the concepts of XSS (Cross-Site Scripting) attacks and prevention. Q1: What is the difference between HTML Injection and XSS?…
Those of us who have conducted or participated in a penetration test will understand that tools are not the only thing necessary to successfully complete a PenTest. Methodologies are essential for ensuring that…
Web application proxies like Burp Proxy, WebScarab or the Tamper Data add-on allow a security tester to intercept the requests/responses between the client HTTP application and the web server. Proxies are fundamental for…
Security is a state in which we ensure a proper gap between the threats and assets of an organization. We try to either move assets far away from threats or we try to…