Why Cyber Security Is Important For Business Enterprises?
A whopping 98 percent of businesses in the UK are operating online using multiple platforms, including websites, emails, and social media. Businesses risk their privacy to gain exposure to potential customers. And with the growing threats and ris...
Follow These 5 Development Tips for Mobile App Security
Imagine life without mobile!
It’s not acceptable, as we are used to it. We do nearly everything online at any time, from banking to controlling IoT devices in our homes, from remote work to checking productivity and more. While we are dependent on mobi...
Why IT Security Is So Important For Your Business Enterprises
There are many important things that are associated with IT Security for the business. For the company to be on the important position on the matters of the finance, some of the matters that need to be run effectively are the one for the technolo...
Everything You Need To Know About Cyber Security
We are using the internet more or less every day and exchanging valuable data over the internet from both our private and professional lives. Due to hacking and leaks of sensitive data, cyber security has become a necessity for all. We hear inc...
What is Cyber Security Threat Intelligence?
Behind any cyber danger, there are people utilizing computers, code and webs. During or after the cyber attack technical knowledge about the system and computers between the attacker and the person will be gathered. However, identifying the ...
Network Web Security Research Study Infographic - An Overview
Network security is necessary. Without effective controls, clear policies and reliable reporting, companies can’t hope to maintain current performance, address emerging issues and defend against incoming threats. The problem? Recent data fr...
Use ZAP Tools for Authentication, Session & User Management to Find Security Vulnerabilities
ZAP Tool is a security tool which is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications/Web apps.
ZAP provides automated scanners as well as a set of tools that allow you to find security vulnera...
Cybercrime in Sports and How to Defend Yourself
When discussing cybercrime in sports and the defensive measures, it is better to start with basic information about cybercrime. What is cybercrime? The increasing number of people using devices connected to the internet during the last few years has...
10 Risk Management Myths You Should Know
The world created by computers and networks may be considered “virtual reality,” but that doesn’t mean their use in the business world should be subject to different rules, especially when it comes to security and compliance. On...
Multi Domain SSL Certificates - What, Why And The Best Ones for Web Security
Imagine your website to be your home. Now, would you leave it open at all times, exposed to burglary and privacy intrusion? You will keep it under lock and key at all times, right?
If a physical key safeguards your home ...
Identity Theft As The Leading Crime And How To Avoid It
According to a complete report, identity theft is going to surpass the traditional style of theft. It is the leading type of theft and is growing at a very fast rate. There are various reasons behind this. People are c...
OWASP TOP 10 VULNERABILITIES
Injection (A1): The A1 vulnerability class is injection attacks, in which the data sent is tainted, such as a SQL command that can bypass authentication.
Broken Authentication and Session Management (A2): The A-2 ...
Same Origin Policy
The “Same Origin Policy” is an essential concept in web applications, introduced for security reasons. It permits scripts contained in a first web page to access data in a second web page, but only if both web pages have th...
Myths, Facts, Scenarios & Methodologies of Security Testing
Myths/Facts of Security Testing
Let's talk about some intriguing points on the myths and facts of security testing:
Myth #1: We don't need a security approach as we have a small business
Fact: Everyone and each organi...
Integration of security processes with the SDLC
Integration of security processes with the SDLC:
It is generally agreed that the cost will be higher if we put off security testing until after the software implementation stage or after deployment. For this reason, it is important to inclu...
Security Testing and their Types?
What is Security?
Security is a set of measures to protect an application against unexpected activities/actions that make it stop functioning or cause it to be misused/exploited. Unexpected activities can be either intentional o...
'Wireshark' the network protocol analyzer.
Wireshark Tools For Analysis:-
Wireshark is a well-known network protocol analysis tool. It lets the user see what's happening on their network at a microscopic level. It is the de facto (and often de jure) standard across many organi...
TTCN
TTCN:-
TTCN is a classic testing language for characterizing test scenarios and their execution for protocol testing. A TTCN test suite contains numerous experiments (test cases) written in the TTCN programming language and it is utili...
Protocol Testing
What is Protocol Testing?
Protocol testing is a generic term used by organizations working in the communication industry for testing different protocols in the domains of Switching, Wireless, VoIP, Routing, Switchin...
Protocol in a Software industry & Types of protocols?
Protocol Testing:-
What is Protocol in a software industry?
When computers communicate with each other, there is a common set of rules and conditions that every computer needs to follow. As such, pr...
Different Classes Of Threats
Different Classes Of Threats:-
There are many classes of threats. In this blog I am describing a few of them. These threats can be used to take advantage of a security vulnerability. These are mentioned below:-
P...
What is Cookies and its types?
Cookies are records which are stored on the user's PC. Cookies are intended to store a modest amount of data/information, and the information can be accessed by the client or web server.
There are the following kinds of cookies:-
1. Ses...
Extreme Programming Planning?
Extreme Programming (XP):- A software development approach which supports better software quality and responsiveness to changing customer requirements.
Being a part of the agile software approach, it encourages frequent delivery. Development circle/...
Different activities in Risk Management?
Activities in risk management are as follows:-
1.) Risk identification,
2.) Risk prioritization and
3.) Risk treatment
1.) Risk identification:- Risk identification is majorly dependent on the project scope.
It is often carried forward...
Risk Management?
Risk management is the recognition, analysis, and prioritization/arrangement of risks (defined in ISO 31000 as the effect of uncertainty on objectives). It is followed by coordinated and low-budget application of resources to reduce, ...
The process involved in Penetration Testing
The processes involved in penetration testing are the following:-
Discovering a combination of legal/official functioning that will let the tester carry out an unofficial function.
SQL commands
Unchanged salts in source-visible projects
Human c...
What is Penetration test?
A penetration test, or as you may call it **pentest**, is an attack on a computer system. The intention of this attack is to find security frailty and thus obtain access to it.
Following is the process that leads ...
About Penetration Testing
Penetration testing is a type of security testing used to test the insecure or weak areas of the system or application. The idea of pentesting is to find vulnerabilities before they are found by other malicious agents.
Types of Pen-testing
...
About Security Testing
Security testing checks whether the application is secured or not, and this concept covers the following things:
Data Security
Network Security
Data security is primarily focused on securing the data while storing or transmitting it. T...
What is Security testing?
Security testing is a method by which a tester tries to find loopholes in the application. The main motive while performing security testing is to make the application secure for public or private use and to make sure t...
Honeypot
What is a Honeypot?
A honeypot is a computer security system which is used to attract people whose motive is to penetrate the security of someone's system. It is a trap to delude a hacker. A honeypot monitors the activity of the intruder. when m...
Fuzzing with ZAP
Fuzzing is the process through which we enter invalid or unexpected data into our target application.
We use fuzzing on our application when we want to break or crash it using unexpected inputs.
Fuzzing can be done manually o...
How to Find/Reveal password, which is hidden behind Asterisks?
This is an easy trick by which you can find out any password which is hidden behind asterisks.
What is Authentication Technologies & types of Authentication Technologies?
Authentication is the technique by which a system checks the identity of an end user who wants to access it. Since entrance or access control is normally based on the identity of the user who demands access to a resource, Authentication ...
SQL injection & It's Preventions
Generally, all companies use some type of database behind their applications. SQL (Structured Query Language) injection can be used to penetrate the database. Nowadays SQL injection is one of the most popular ways to attack a web site. SQL is a comm...
Securing Authentication
What is Authentication?
Authentication is defined as the process of verifying a person or any entity. Authentication is a process which compares the file in the database to authorize the user information from their local OS. Only then User Pass...
Security Testing- Approaches, Tools and Techniques
Security testing is basically a type of software testing that's done to ensure that the system and application are secured. It reveals flaws in the security mechanisms of an information system that protect data and maintain functionalit...
Hacking Prevention- How to Prevent Brute-force attack
Brute-force attack:
It is a password-guessing attack that does not aim to decrypt any information or data; the aim of a brute-force attack is to gain access to user accounts by repeatedly trying a list of different combinations of passwords, U...
Working with Base 64
In this tutorial I will tell you about recognizing, decoding and encoding with the Base 64 format.
Base 64 Identification:-
It allows binary data to be transmitted in plain text format without risk to the data.
It is commonly used for encodin...
Http Status Codes and Explain all codes
HTTP, Hypertext Transfer Protocol, is the medium through which clients and servers can communicate. Basically, it works as a request-response protocol between a client and server. When a user clicks on any link, types in a URL or submits a form, ...
Prevent Misuse of 'Password Change' Functionality
Password Change Functionality:- Applications should have the password change functionality, to allow the users to change their passwords if they want & to allow periodic password expiration (if required). User should change their password qu...
Web Security Testing- How To See The Hidden Form Fields
Hi All, in this video I'll demonstrate how to see the hidden form fields in a web page with the help of the WebScarab tool. I hope you like this video. Thanks!
How to Modify Specific Element Attributes
Hello Everyone, this video demonstrates how to modify specific element attributes using the Firebug add-on.
How to Use Tamper Data for Hacking
Hello Everyone, This video demonstrates how to use Tamper Data to view, record & even modify outgoing HTTP request and how to use it to change a field to an alternate value and send the tamper data to the server to see how it reacts.
Web Security Testing- Observing Live Post Data with WebScarab
Hi All, in this video I'll demonstrate how to check live post data with the help of the WebScarab tool. I hope you like this video. Thanks!
Packet Sniffing Using Wireshark and Network Miner Tool
**Packet sniffing using Wireshark and Network Miner tool**:-
Using packets we can sniff the credentials of the victim connected to our network.
For this we need to download two tools:
Wireshark
Network Miner
You can download 'wires...
Session Hijacking Using Wireshark
Please find the following link for your reference:-
Wireshark download link:-http://www.wireshark.org
Greasemonkey:-Addons in your firefox
Cookie injector link:- http://userscripts-mirror.org/scripts/show/119798
Cookies Poisoning
What are Cookies?
Cookies are small amounts of data sent from a website (which a user is browsing) and stored as a small text file on the computer. When a user accesses a website with a cookie function for the first time, a cookie is sent from s...
What is Brute Force Attack
Brute Force Attack
A brute-force attack is a technique (procedure or method) for obtaining or finding out information by trying every key combination in an effort to find an unknown value and to try a large number of possible values by using an...
Session Hijacking
Session Hijacking: Session hijacking is semi-permanent interactive information interchange, also known as a meeting between two or more communicating devices. When you hijack someone's session you take their sessionID and pretend it's your own, he...