Category: Information Security

OS fingerprint method

During Penetration Testing phrase, A pentester will test the Operating System for verification usage. The method can be used for this activity such as Nmap and TTL response where it will provide details of the […]

Business Continuity Plan Review

As an organization knows, there will need to active Business Continuity Plan after a disaster occurs. A Business Continuity Plan is important to any organization because it has included: Continous delivery of the Business Continuity […]

SQL Injection Masterclass

In this post, I would like to take some time to talk on the well-known attack to all people out there. The attack that I mentioned above is SQLi which also known as SQL Injection. […]

Wireshark Masterclass

Wireshark is very popular among Security Professional especially Network Engineer and Pentester. The reason is that Wireshark can be used for Network Packet Analyzer. For those who are not familiar with Network Packet Analyzer, it […]

One-Time Password for Time-Based

For those who do not know about Time-Based One-Time Password, it’s a password that been created temporarily passcode from authentication factors algorithms. The algorithms will be generated and send to the user immediately for them […]

Shodan CLI

Mostly everyone in Security Field will know “Shodan” which its the world’s first search engine on the Internet-connected related. Lately, I found a new method for the Shodan Usage which it will be using Command-Line. […]

CyberSecurity Risk for Vendor Management

When talking about Vendor Security, we will be thinking about building an ecosystem where the vendor will cross path with enterprise or management to bridge the matrix by using the latest technology. Latest Technology such […]

Buffer Overflow Masterclass

For starter, Buffer Overflow only occurs when the program has attempted to write more data into the fixed block of memory. The attacker will send crafted data to the memory and executed the arbitrary code […]

Local File Inclusion

For those are not familiar with Security Assessment, An attack method called Local File Inclusion where it will exploit any vulnerable inclusion procedure that been implemented inside the application. The attacker can use this method […]

Access Control

What is Access Control? Access Control is a one of the central of security policy where it focuses on the control policy for the user to access the authentication files or server.  Types of Access […]