Penetration Testing using Python Code

Nowadays, programming is considered as a very important element in the industry especially IT. In this post, I would like to share a brief knowledge about Penetration Testing using Python code which can be useful […]

Cross-origin resource sharing Review

Cross-origin resource sharing can be considered as one of the attacks that the website application server vulnerabilities. Normally, it will enable any controlled access to the bug located where it will run the Cross-origin rules […]

Tutorial on GraphQL Injection

Recently, I have learned a few new injection attacks and one of them is GraphQL Injection. Before we understand how the attack works, we need to first understand what is GraphQL is. GraphQL is an […]

Cross-Site Scripting Tutorial

Cross-site Scripting is an attack where the attacker will enable to insert client-side script into the application to gain access control and data of the application. An example of common Cross-Site Scripting that I do […]

Penetration Testing SSL

In this post, I will talk about how to test the SSL vulnerabilities that reside on the system or server. For those who are still new in this area of Security, SSL Vulnerabilities can be […]

TLS Downgrade Attack

We will focus on TLS Downgrade attack method in this post where we will learn about what and how to detect the attack. TLS Downgrade attack is an attack that leverages a leak of side-channel […]

Owasp ZAP – Another Alternative Web Pentest Tools

For those Security professionals especially involved in Penetration Testing should know Burpsuite and Acunetix for Web Application Assessment. However, there is an alternative for them to use while doing Web Application Assessment which is Owasp […]

SAP Penetration Testing MasterClass

What is SAP? SAP also known as Systems, Application and Products in Data Processing owned by German company that have devoted to the business solutions development. More than 41,600 customers in more than 120 countries […]

XXE Attack Master class

What is XXE Attack? The XXE Attack(XML External Entity) is an attack where it against an application that will parses XML input. Like other attack, this attack can lead to any expose any of confidential […]

Penetration Testing Walkthrough

As most of us know, Penetration Testing will need to follow a few step in order to testing the server and network. Below are the manual that need to be doing during the Penetration Testing […]