Briskinfosec - Your Perfect Cybersecurity Partner

Stay Connected:

Cybersecurity Blogs | Briskinfosec
Image

Detection and Exploitation of XML External Entity Attack XXE

XML External Entity Attack happens when an application allows an input parameter to be XML or incorporated into XMLwhich is passed to an XML parser

Image

Host Header Attack

Most commonly many web servers are configured in such a way, to hosts several websites or web applications on the same IP address. That’s why the Host Header Injection occurs.

Image

Important Vulnerabilities And Smart Ways To Be Secured From Them

There’s a saying, ”Change is the only thing that never changes!” Similarly, each and every year has a change .

Image

Guidelines to Secure Web Services and API End-Points

Web Service is a software service used to create a communication between 2 devices connected over a network through internet.

Image

Command Execution Attacks on Apache Struts server CVE-2017-5638

Apache Struts is a free, open-source, MVC framework for creating elegant and modern Java web applications.

Image

SQL Injection -Using Burp Suite

SQL injection is an attack when an attacker persuades to “inject” his harmful/malicious SQL code into someone else’s database, and force that database to run his SQL

Image

Server-Side Request Forgery-SSRF

Server-Side Request Forgery (SSRF) refers to an attack, wherein an attacker can send a maliciously crafted request from a vulnerable web application

Image

Evolution of Ransomware and the trends in 2020

Nowadays the biggest danger that we come across and also something that we are about to face in future is The cyber threat the crime that happens via internet and technology.

Image

A Deep Dive into SAML-SSO Security Testing Approach

SAML the Security Assertion Markup Language was created by an organization known as OASIS.Nowadays applications make use of the latest version of SAML 2.0.

Image

This Awesome Stuff Will Make You Understand What Red Team And Blue Team Is

Most people think that Red Teaming and Blue Teaming are different approaches for testing and identifying the security flaws.

Image

What Do You Need To Know About Cyber Kill Chain?

The Cyber Kill Chain framework is a part of the Intelligence driven defense model for identification and prevention of cyber intrusion activities (i.e. Hack or Breach).

Image

Growing Data Breaches And The Best Ways To Be Safe From Them

Data breaches – Unarguably, it’s a word that’s roaring predominantly and endlessly in each and every part of this digital world, without any precincts.

Image

CRLF Injection Attack

The term CRLF refers to Carriage Return (ASCII 13, , \r) Line Feed (ASCII 10, , \n). Carriage Return means the end of a line, and Line Feed refers to the new line. In more simple words, both of these are used to note the end of a line.

Image

Server Side Includes Injection

Server Side Includes (SSIs) are directives present on web applications, used to feed an HTML page of the application with dynamic contents based on user’s input.

Image

How to secure your Github repository?

GitHub is a hosting platform which helps developers to collaborate in building software’s. It helps the developers to manage source code management.

Image

Null Byte SQL Injection

Null Byte Injection is an exploitation technique which uses URL-encoded null byte characters to the user-supplied data. This injection process can alter the intended logic .

Image

CWE-78 Improper Neutralization Of Special Elements Used In An OS Command Injection

OS command injection is a technique used via a web interface in order to execute OS commands on a web server. The user supplies operating system commands through a web interface in order to execute OS commands.

Image

Top Trending Web app security Vulnerabilities

For a long time in the cyber security world, Web applications are subjected to various kinds of security vulnerabilities because of the increase in its usage and the use of dynamic web application technologies

Image

Cross Site Port Attack XSPA

A web application is helpless against Cross Site Port Attack if it forms client provided URL’s and does not disinfect the backend reaction obtained from remote servers previously while sending it back to the client.

Image

Are you still fighting against decade old application attacks

In this modern digital era, online transactions play a pivotal role.

Image

Drupal Core Remote Code Execution Vulnerability: CVE-2019-6340

Drupal is one of the most popular open source Content Management System (CMS) meant for developing, designing etc.