Tech News

Familiar With SQL Injection Vulnerability – Meet Ihsan Sencan

Meet Ihsan Sencan, a security researcher from Turkey who found more than 15 SQL injection vulnerabilities in various Joomla components in just one day; all related exploits have been published to portals such as Exploit-db.com, packetstormsecurity.org, cxsecurity.com and 0day.today. He also found more than 50 SQL injection vulnerabilities in other Joomla components/modules in […]

Tech Articles

Web Application Hacking Methodology

Web application hacking is not just about using automated tools to find common vulnerabilities. It is indeed a methodological approach that, if followed, would help reveal many more flaws and potential security vulnerabilities. The following section describes the systematic approach and process to be followed for testing the security of web applications. 1. Analyzing web applications The […]

Q&A

Top 40 XSS (Cross Site Scripting) Revision Questions with Answers

The questions and answers below are designed to measure your understanding of the concepts of XSS (Cross Site Scripting) attacks and prevention. Q1: What is the difference between HTML Injection and XSS? A: Both of them refer to exactly the same thing. In one of the situations, the attacker injected valid HTML tags, while […]

Tech Articles

Complete Understanding of Web Application Security – 2017

1. Vulnerabilities There are many types of attack vectors a malicious user might use to exploit a web application and when dealing with a large web site, it is often impossible to secure all possible vulnerabilities prior to publishing it on the Internet. The primary key to creating a secure web server is to understand […]

Tutorials

Spaghetti – Web App Security Scanner Tool [Installation + Usage]

Spaghetti is a web application security scanner tool. It is designed to find various default and insecure files, configurations and misconfigurations. Spaghetti is built on Python 2.7 and can run on any platform that has a Python environment. Features of Spaghetti Tool – Server Detection (Apache, nginx, …) Frameworks (CakePHP, CherryPy, Django, …) Firewall (Cloudflare, AWS, […]

Tech Articles

Overview of Web Application Security Testing & Compliance

In the modern age, software applications have become an integral part of an organization. Because they are so heavily involved in this area, they have become the new arena for security domains. As the need for software applications rises, so does the number of users using them. These applications must be available 24/7 & keep […]