Nowadays, programming is considered a very important element in the industry, especially IT. In this post, I would like to share some brief knowledge about penetration testing using Python code, which can be useful for other people out there. Below are the examples from the […]
Introduction and credit: Before I start to review the tools, I would like to give credit to OJ Reeves and Christian Mehlmauer for the Gobuster tool. Gobuster is used to brute-force Dir, Vhost and DNS of the target’s domain, which will provide the attacker on the […]
Cross-origin resource sharing can be considered one of the attacks that exploit web application server vulnerabilities. Normally, it enables controlled access to the bug located where it runs the cross-origin rules, such as Access-Control-Allow-Origin. However, this will have an effect if CORS has been […]
Cross-site scripting is an attack in which the attacker is able to insert client-side script into the application to gain access control and data of the application. An example of common cross-site scripting, which I do believe everyone is well aware of, can be seen below […]
In this post, I will talk about how to test for the SSL vulnerabilities that reside on a system or server. For those who are still new to this area of security, SSL vulnerabilities can be categorized as below: Heartbleed, POODLE, BEAST, CRIME, BREACH and so on […]
As any organization knows, it will need to activate its Business Continuity Plan after a disaster occurs. A Business Continuity Plan is important to any organization because it includes: Continuous delivery of the Business Continuity Plan needs to go through planning, measures, and good arrangements to […]
In this post, I would like to take some time to talk about an attack that is well known to everyone out there. The attack that I mentioned above is SQLi, which is also known as SQL Injection. What SQL Injection can do to a business or any organization will […]
Wireshark is very popular among security professionals, especially network engineers and pentesters. The reason is that Wireshark can be used as a network packet analyzer. For those who are not familiar with network packet analyzers, they are used to capture network packets within the network range […]
What is Phishing? Phishing is a method used by the spammer to get details or information about the victims, such as name, bank account details, phone number and so on. Shellphish is one of the phishing methods that uses a website clone to get […]
What is an XXE Attack? The XXE (XML External Entity) attack is an attack against an application that parses XML input. Like other attacks, this attack can lead to exposure of confidential data, Denial of Service, and Server-Side Request Forgery. Attack Factors Exploitable […]