Blogs

There’s a saying, ”Change is the only thing that never changes!” Similarly, each and every year has a change .

Server-Side Request Forgery (SSRF) refers to an attack, wherein an attacker can send a maliciously crafted request from a vulnerable web application

Most people think that Red Teaming and Blue Teaming are different approaches for testing and identifying the security flaws.

Apache Struts is a free, open-source, MVC framework for creating elegant and modern Java web applications.

The term CRLF refers to Carriage Return (ASCII 13, , \r) Line Feed (ASCII 10, , \n). Carriage Return means the end of a line, and Line Feed refers to the new line. In more simple words, both of these are used to note the end of a line.

Drupal is one of the most popular open source Content Management System (CMS) meant for developing, designing etc.

An API is called as Application Programming Interface which is used for communication. An API acts as a middle man who delivers your request to the provider and then delivers response to

XML External Entity Attack happens when an application allows an input parameter to be XML or incorporated into XMLwhich is passed to an XML parser

Most commonly many web servers are configured in such a way, to hosts several websites or web applications on the same IP address. That’s why the Host Header Injection occurs.

Web Service is a software service used to create a communication between 2 devices connected over a network through internet.

SQL injection is an attack when an attacker persuades to “inject” his harmful/malicious SQL code into someone else’s database, and force that database to run his SQL

Nowadays the biggest danger that we come across and also something that we are about to face in future is The cyber threat the crime that happens via internet and technology.

SAML the Security Assertion Markup Language was created by an organization known as OASIS.Nowadays applications make use of the latest version of SAML 2.0.

The Cyber Kill Chain framework is a part of the Intelligence driven defense model for identification and prevention of cyber intrusion activities (i.e. Hack or Breach).

Data breaches – Unarguably, it’s a word that’s roaring predominantly and endlessly in each and every part of this digital world, without any precincts.

Server Side Includes (SSIs) are directives present on web applications, used to feed an HTML page of the application with dynamic contents based on user’s input.

GitHub is a hosting platform which helps developers to collaborate in building software’s. It helps the developers to manage source code management.

Null Byte Injection is an exploitation technique which uses URL-encoded null byte characters to the user-supplied data. This injection process can alter the intended logic .

OS command injection is a technique used via a web interface in order to execute OS commands on a web server. The user supplies operating system commands through a web interface in order to execute OS commands.

For a long time in the cyber security world, Web applications are subjected to various kinds of security vulnerabilities because of the increase in its usage and the use of dynamic web application technologies

A web application is helpless against Cross Site Port Attack if it forms client provided URL’s and does not disinfect the backend reaction obtained from remote servers previously while sending it back to the client.