The penetration testing industry is enjoying an upsurge as more high-profile security breaches are reported in the media, such as the recent LinkedIn password debacle, and companies scramble to tighten up their systems. Done correctly, pen testing can illuminate security flaws in a network by utilizing the skills and viewpoint of an external third party, which in most cases, to be frank, is a
Hiển thị các bài đăng có nhãn Penetration Testing. Hiển thị tất cả bài đăng
Hiển thị các bài đăng có nhãn Penetration Testing. Hiển thị tất cả bài đăng
Finding a Qualified Penetration Tester for Your Site
The penetration testing industry is enjoying an upsurge as more high-profile security breaches are reported in the media, such as the recent LinkedIn password debacle, and companies scramble to tighten up their systems. Done correctly, pen testing can illuminate security flaws in a network by utilizing the skills and viewpoint of an external third party, which in most cases, to be frank, is a
CVE-2012-2122: Exploiting authentication bypass vulnerability in MySQL and MariaDB
The news about the vulnerability in MySQL and MariaDB spreads like a wild fire. I have covered about this vulnerability in E Hacking news as news article. Here, i am going to share the same thing from the perspective of a penetration tester.
The MySQL and MariaDB versions 5.161,5.2.11,5.3.5 and 5.5.c2 are affected version.
The vulnerability allows an attacker to access MySQL database without
The MySQL and MariaDB versions 5.161,5.2.11,5.3.5 and 5.5.c2 are affected version.
The vulnerability allows an attacker to access MySQL database without
DOM Based Cross Site Scripting(XSS) vulnerability Tutorial
So far i have explained about the Traditional Cross site scripting that occurs because of insecure server-side code. In this post , i am going to explain the DOM Based Cross Site Scripting vulnerability. if you don't know what is cross site scripting , then i recommend you to read the basics from here.
Before explaining about the DOM based xss, let me explain what DOM means to.
What is DOM?
The Art of Human Hacking -Social Engineering(SE) tutorial series
Hello BTS readers, here we come with an interesting tutorial written by my friend Mr.Ashish Mistry who is the founder of Hcon and author of 'HconSTF ' project.
Hello all,
after a long time I am again started writing, In a hope that my believe in “sharing the spirit of learning” fulfills well. So from today I am going to write series of tutorials on my favorite topic, 'Social Engineering' (SE)
Complete Cross site Scripting(XSS) cheat sheets : Part 1
I am just providing this XSS Cheat sheet after collecting the exploit-codes from hackers' techniques and different sites especially http://ha.ckers.org/xss.html . This is complete list of XSS cheat codes which will help you to test xss vulnerabilities ,useful for bypassing the filters. If you have any different cheat codes , please send your code.
Basic XSS codes:
----------------------------
E Hacking News & PenTest Partnership announced!
We’re proud to announce that we’ve just partnered with PenTest Magazine!
About PenTest Magazine:
PenTest Magazine is a weekly downloadable IT security mag, devoted exclusively to penetration testing. It features articles by penetration testing specialists and enthusiasts, experts in vulnerability assessment and management. We cover all aspects of pen testing, from theory to practice, from
How to do Cookie Stealing with Cross site Scripting Vulnerability ? : XSS Tutorials
Hope, you are now familiar with XSS vulnerability (if you don't know what it is, read the beginners xss tutorial). It is my Fourth article about the XSS Vulnerability Testing(PenTesting)..! Today i am going to explain how an attacker exploit XSS vulnerability and steal cookie from users.
Warning!!!BTS does not take responsibility, if anyone, tries these hacks against any organization or