DLL Attack Review Part 1

I would like to share a few details and tricks to DLL Attack that can be useful to some people out there. DLL (Dynamic Link Libraries) attack is an attack where the attacker exploit within […]

XML Injection Attack review

In this post, I would like to share about XML Injection Attack that might be useful for some scenarios. For those who are not familiar with XML Injection attack, XML Injection is an method that […]

Penetration Testing using Python Code

Nowadays, programming is considered as a very important element in the industry especially IT. In this post, I would like to share a brief knowledge about Penetration Testing using Python code which can be useful […]

Cross-origin resource sharing Review

Cross-origin resource sharing can be considered as one of the attacks that the website application server vulnerabilities. Normally, it will enable any controlled access to the bug located where it will run the Cross-origin rules […]

Tutorial on GraphQL Injection

Recently, I have learned a few new injection attacks and one of them is GraphQL Injection. Before we understand how the attack works, we need to first understand what is GraphQL is. GraphQL is an […]

Cross-Site Scripting Tutorial

Cross-site Scripting is an attack where the attacker will enable to insert client-side script into the application to gain access control and data of the application. An example of common Cross-Site Scripting that I do […]

Penetration Testing SSL

In this post, I will talk about how to test the SSL vulnerabilities that reside on the system or server. For those who are still new in this area of Security, SSL Vulnerabilities can be […]

TLS Downgrade Attack

We will focus on TLS Downgrade attack method in this post where we will learn about what and how to detect the attack. TLS Downgrade attack is an attack that leverages a leak of side-channel […]

Owasp ZAP – Another Alternative Web Pentest Tools

For those Security professionals especially involved in Penetration Testing should know Burpsuite and Acunetix for Web Application Assessment. However, there is an alternative for them to use while doing Web Application Assessment which is Owasp […]

SAP Penetration Testing MasterClass

What is SAP? SAP also known as Systems, Application and Products in Data Processing owned by German company that have devoted to the business solutions development. More than 41,600 customers in more than 120 countries […]