Blogs

Server-Side Request Forgery (SSRF) refers to an attack, wherein an attacker can send a crafted request from a vulnerable web application

In DevOps, the application is often releasing new features and functionalities. In every release, the business needs are deployed in the cloud for flexibility and service delivery but often they are skipping the information security service in completing the organisation’s on-time release

A data breach is a confirmed incident when a sensitive, confidential or otherwise protected data has been accessed and disclosed in an unauthorised fashion.

Sparta is a Python based GUI application and it’s a network infrastructure pentesting tool by aiding the pentesters in performing scanning and enumeration phase

The Framework offers an agile way to address cybersecurity, including cybersecurity’s effect on physical, cyber, and people dimensions. It applies to organisations relying on technology

In today’s digital world, IT security strategy must be transformed into Business-driven security strategy to prevent failure of vital digital transformation projects which will become irrelevant to the business model of an organisation.

The Payment Card Industry Data Security Standard (PCI DSS) was developed to follow the policy and standards of cardholder data security which consistent data security measures globally

It is a well-known fact that most of the corporate organisations have been the target of black-hat hackers and hacktivist groups, and they were experiencing data breaches, server compromise etc.

SQL injection is an attack when an attacker persuades to “inject” his harmful/malicious SQL code into someone else’s database, and force that database to run his SQL

Most of the common web servers are configured in the form of the same server to host many web applications with the same IP address this type of configuration is the reason for the Host Header issues. Here we are going to deal with the host header injection attack in various forms, its impact and mitigation

OS command injection is a technique used via a web interface in order to execute OS commands on a web server. The user supplies operating system commands through a web interface in order to execute OS commands.

Cross-site scripting (XSS) is one of the most prevalent, obstinate, and dangerous vulnerabilities in web applications.

A web application is helpless against Cross Site Port Attack if it forms client provided URL’s and does not disinfect the backend reaction obtained from remote servers previously while sending it back to the client.

Apache Struts is a free, open-source, MVC framework for creating elegant and modern Java web applications. It favours convention over configuration and is extensible using a plugin for supporting REST, AJAX, and JSON.