Vulnerability Assessment in Web Applications – Steps, Strategies, and Tools

In today’s digital age, web applications are the backbone of many businesses. However, they are also a prime target for cyberattacks. A vulnerability assessment is a critical process that helps identify and mitigate…

Emerging Trends in Vulnerability Assessment and Penetration Testing (VAPT) for 2025

Tech Articles By Sarcastic Writer · January 8, 2025 · Comments off

In the ever-evolving world of cybersecurity, Vulnerability Assessment and Penetration Testing (VAPT) continues to be a critical process for identifying and mitigating security weaknesses. As organizations face increasingly sophisticated threats, VAPT methodologies and…

Top 10 Platforms to Learn Cybersecurity

Tech Articles By Sarcastic Writer · September 10, 2024 · Comments off

In today’s digital age, cybersecurity has become a critical field, essential for protecting information and systems from ever-evolving threats. Whether you’re a beginner looking to break into the industry or an experienced professional…

How and Why Your Business Should Conduct Cybersecurity audit

Articles By Sarcastic Writer · June 8, 2021 · Comments off

As companies accept new digital technologies, the possibility of being targeted by cyber-attacks increases. Increasing network complication through digital innovation often makes unique network differences that cyber attackers can take advantage of. If…

Host Header Attack – Practical Exploitation and Prevention

Tutorials By Sarcastic Writer · July 6, 2018 · Comments off

The “HOST” header is part of the http protocol, vulnerable applications are vulnerable because they insert the value of this header into the application code without proper validation, this means not only applications…

HTTP PUT Method Exploitation – Live Penetration Testing

Tutorials By Sarcastic Writer · January 23, 2018 · Comments off

In this article, we’ll be exploiting the HTTP PUT method vulnerability on one of the Metasploitable2 webserver through which you can easily upload any malicious file onto the server and can gain the…

Testing Methods for HTTPS with OpenSSL, Curl and Nmap

Tutorials By Sarcastic Writer · January 23, 2018 · Comments off

If you’re using the HTTP protocol for surfing Internet, you usually use only using two of its methods i.e. GET and POST. However HTTP has a number of other methods like OPTIONS, TRACE,…

Simple Tips to Prevent SQL Injection Vulnerability

Tech Articles By Sarcastic Writer · December 22, 2017 · Comments off

As seen from the previous articles, SQL injection has the ability to attack a web server database, compromise critical information, and expose the server and the database to a variety of malicious exploits;…

Mitigations for Common Web Application Flaws

Tech Articles By Sarcastic Writer · December 18, 2017 · Comments off

The most prominent components of web applications that intruders will first seek to exploit are vulnerabilities within the web platform. The web platform commonly includes: Web server software (such as IIS or Apache)….

Top 40 XSS (Cross Site Scripting) Revision Questions with Answers

Q&A By Sarcastic Writer · November 12, 2017 · Comments off

The below questions and answers are designed to both measure your understanding of the concepts of XSS -Cross Site Scripting Attacks and Prevention. Q1: What is the difference between HTML Injection and XSS?…

[Solution] SSL Handshake Alert Error – Burp Suite

Tutorials By Sarcastic Writer · October 26, 2017 · Comments off

Web Application Proxies like Burp Proxy, WebScarab or Tamper Data Addon allow a security tester to intercept the requests/responses between the client HTTP application and the web server. Proxies are the fundamental for…