
Multi Domain SSL Certificates - What, Why And The Best Ones for Web Security

Imagine your website to be your home. Now, would you leave it open at all times, exposed to burglary and privacy intrusion? You will keep it under lock and key at all times, right? If physical key safeguards your home ...

Identity Theft As The Leading Crime And How To Avoid It

According to a complete report, identity theft is going to surpass the traditional style of theft. It is the leading type of theft and is growing at a very fast rate. There are various reasons behind this. People are c...

OWASP TOP 10 VULNERABILITIES

Injection-A1: The A1 vulnerability is an injection attack, in which the data sent is infected, like a SQL command that can bypass the authentication. Broken Authentication and Session Management-A2: The A-2 ...

Same Origin Policy

The “Same Origin Policy” is an essential concept in web applications, introduced for security reasons. It permits scripts contained in a first web page to access data in a second web page, but only if both web pages have th...

Myths, Facts, Scenarios & Methodologies of Security Testing

Myths/Facts of Security Testing. Let's talk about some intriguing points on the myths and facts of security testing. Myth #1: We don't need a security approach as we have a small business. Fact: Everyone and each organi...

Integration of security processes with the SDLC

Integration of security processes with the SDLC: It is generally agreed that the cost will be higher if we put off security testing until after the software implementation stage or after deployment. In this way, it is important to inclu...

Security Testing and their Types?

What is Security? Security is a set of measures to protect an application against unexpected activities/actions that make it stop functioning or be misused/exploited. Unexpected activities can be either intentional o...

'Wireshark' the network protocol analyzer.

Wireshark Tools For Analysis:- Wireshark is a well-known network protocol tool. It lets the user see what's happening on his network at a microscopic level. It is the de facto (and often de jure) standard across many organi...

TTCN

TTCN:- TTCN is a classic testing language for characterizing test scenarios and their execution for protocol testing. A TTCN test suite contains numerous experiments (test cases) written in the TTCN programming language and it is utili...

Protocol Testing

What is Protocol Testing? Protocol testing is a non-specific term used by organizations working in the communication industry for testing different protocols in domains of Switching, Wireless, VoIP, Routing, Switchin...

Protocol in a Software industry & Types of protocols?

Protocol Testing:- What is a Protocol in the software industry? When computers communicate with each other, there is a common arrangement of rules and conditions that every computer needs to follow. As such, pr...

Different Classes Of Threats

Different Classes Of Threats:- There are so many classes of threats. In this blog I am describing a few of them. These threats can be used to take advantage of a security vulnerability. They are mentioned below:- P...

What is Cookies and its types?

Cookies are records that are stored on the user's PC. Cookies are intended to store a modest amount of data/information, and the information can be accessed by the client or the web server. There are the following kinds of cookies:- 1. Ses...

Extreme Programming Planning?

Extreme Programming (XP):- A software development approach which improves software quality and responsiveness to changing customer requirements. Being a part of the agile software approach, it encourages frequent delivery. Development circle/...

Different activities in Risk Management?

Activities in risk management are as follows:- 1.) Risk identification, 2.) Risk prioritization and 3.) Risk treatment 1.) Risk identification:- Risk identification is majorly dependent on the project scope. It is often carried forward...

Risk Management?

Risk management is the recognition, analysis, and prioritization/arrangement of risks (defined in ISO 31000 as the effect of uncertainty on objectives). It is followed by coordinated and low-budget application of resources to reduce, ...

The process involved in Penetration Testing

The processes involved in penetration testing are the following:- Discovering a combination of legal/official functioning that will let the tester carry out an unofficial function. SQL commands Unchanged salts in source-visible projects Human c...

What is Penetration test?

What is a Penetration test? A penetration test, or as you may call it **pentest**, is an attack on a computer system. The intention of this attack is to find security weaknesses and thus obtain access to it. Following is the process that leads ...

About Penetration Testing

Penetration testing is a type of security testing used to test the insecure or weak areas of the system or application. The idea of pentesting is to find vulnerabilities before they are found by other malicious agents. Types of Pen-testing ...

About Security Testing

Security testing checks whether the application is secure or not, and this concept covers the following things: Data Security and Network Security. Data security is primarily focused on securing the data while storing or transmitting it. T...

What is Security testing?

What is Security testing? Security testing is a method by which a tester tries to find loopholes in the application. The main motive while performing security testing is to make the application secure for public or private use and to make sure t...

Honeypot

What is a Honeypot? A honeypot is a computer security system which is used to attract people whose motive is to penetrate the security of someone's system. It is a trap to delude the hacker. A honeypot monitors the activity of the intruder. when m...

Fuzzing with ZAP

Fuzzing is the process through which we enter invalid or unexpected data into our target application. We use fuzzing when we want to break our application or crash it using unexpected inputs. Fuzzing can be done manually o...

How to Find/Reveal password, which is hidden behind Asterisks?

This is an easy trick by which you can come to know any password which is hidden behind asterisks.

What is Authentication Technologies & types of Authentication Technologies?

Authentication is the technique by which a system checks the identity of an end user who wants to access it. Since entrance or access control is normally based on the identity of the user who requests access to a resource, Authentication ...

SQL injection & It's Preventions

Generally, all companies use some type of database behind their applications. SQL (Structured Query Language) Injection can be used to penetrate the database. Nowadays SQL injection is one of the most popular ways to attack a web site. SQL is a comm...

Securing Authentication

What is Authentication? Authentication is defined as the process of verifying a person or any entity. Authentication is a process which compares the file in the database to authorize the user information from their local OS. Only then User Pass...

Security Testing- Approaches, Tools and Techniques

Security Testing: Security testing is basically a type of software testing that's done to ensure that the system and application are secured. It reveals flaws in the security mechanism of an information system that protects data and maintains functionalit...

Hacking Prevention- How to Prevent Brute-force attack

Brute-force attack: It is a password-guessing attack that does not aim to decrypt any information or data. The aim of a brute-force attack is to gain access to user accounts by repeatedly trying a list of different combinations of passwords, U...

Working with Base 64

In this tutorial I will tell you about recognizing, decoding and encoding with the Base 64 format. Base 64 Identification:- It allows binary data to be transmitted in plain text format without risk of the data. It is commonly used for encodin...

Http Status Codes and Explain all codes

HTTP, Hypertext Transfer Protocol, is the medium through which clients and servers can communicate. Basically, it works as a request-response protocol between a client and server. When a user clicks on any link, types in a URL or submits a form, ...

Prevent Misuse of 'Password Change' Functionality

Password Change Functionality:- Applications should have the password change functionality, to allow the users to change their passwords if they want & to allow periodic password expiration (if required). User should change their password qu...

Web Security Testing- How To See The Hidden Form Fields

Hi All, In this video I'll demonstrate how to see the hidden form fields in a web page with the help of the WebScarab tool. I hope you like this video. Thanks!

How to Modify Specific Element Attributes

Hello Everyone, This video demonstrates how to modify specific element attributes using the Firebug add-on.

How to Use Tamper Data for Hacking

Hello Everyone, This video demonstrates how to use Tamper Data to view, record & even modify outgoing HTTP request and how to use it to change a field to an alternate value and send the tamper data to the server to see how it reacts.

Web Security Testing- Observing Live Post Data with WebScarab

Hi All, In this video I'll demonstrate how to check live post data with the help of the WebScarab tool. I hope you like this video. Thanks!

Packet Sniffing Using Wireshark and Network Miner Tool

**Packet sniffing using Wireshark and Network Miner tool**:- Using packets we can sniff the credentials of the victim connected to our network. For this we need to download two tools: Wireshark Network Miner You can download 'wires...

Session Hijacking Using Wireshark

Please find the following links for your reference:- Wireshark download link:- http://www.wireshark.org Greasemonkey:- Add-ons in your Firefox. Cookie injector link:- http://userscripts-mirror.org/scripts/show/119798

Cookies Poisoning

What are Cookies? Cookies are small amounts of data sent from a website (which a user is browsing) and stored as small text files on the computer. When a user accesses a website with a cookie function for the first time, a cookie is sent from s...

What is Brute Force Attack

Brute Force Attack: A brute-force attack is a technique (procedure or method) for obtaining or finding out information by trying every key combination in an effort to find an unknown value and to try a large number of possible values by using an...

Session Hijacking

Session Hijacking: Session hijacking is semi-permanent interactive information interchange, also known as a meeting between two or more communicating devices. When you hijack someone's session you take their sessionID and pretend it's your own, he...

Cross-site scripting

Cross-site scripting: Cross-site scripting or XSS is a web attack at the application layer. Rather than targeting the script embedded in a page executed on the server side, XSS targets the script executed on the client side. In XSS attack, the ha...