From the category archives:

Web Application Security

Challenges in automated testing of session management

As we all know, web application scanners are meant to assist a user in identifying the vulnerabilities in a web application. The users of such a tool can be penetration testers, developers or auditors. The true potential of any tool can be extracted only by a user who understands the domain and the tool he [...]

REST APIs and Next Generation Threats: Part 1

Some days back, when I was going through the record-breaking statistics of Facebook and its social networking platform’s REST APIs, I found phrases like “People on Facebook install 20 million applications every day. More than 2.5 million websites have integrated with Facebook”. It really shows the incredible power of REST APIs and probably it [...]

Meet hacker’s best friends: AntiVirus and Firewalls

Mr. John (name changed) is the senior security manager of one of the large organizations in the world. Mr. John enforces the best security policies to protect his organization from the latest threats and risks. He has deployed the best anti-virus on all the desktops and servers. He keeps all the anti-virus signatures updated [...]

How Search Engine Security Testing can improve Website Ranking

You may be wondering what Website Ranking Improvement has to do with Search Engine Security Testing. A few years back I also wondered the same, before I came across one smart SEO guy. Combined with his insights in SEO and my background in security testing, I’m convinced that all search engine marketers should now consider adopting [...]

A Lazy Pen Tester’s Guide to Testing Flash Applications

Yesterday, I received a post in the Pen-Test mailing list requesting tips/resources on penetration testing of Flash applications. While there are some tools and white papers available, I could not find many authoritative resources that cover the entire spectrum of Flash security testing of RIA applications. So here is an endeavor to detail out [...]

Is Twitter the new source of Malware?

OK, I’m going to keep this one real short. A few days ago I created one Squidoo Lens on the vulnerabilities of Facebook and Twitter which received good user feedback and comments. Following up on that, here is a summary (as well as some new ones) that you may consider to prevent your computers from being targeted [...]

How Web Application Security Assessment Can Grow Your Business

In this day and age, the way we do business has raised the demand for Web application security testing services. Every progressive and successful company nowadays has their own Web site or web application. Since the 1990s, more and more businesses have extended their presence online. The Internet is no longer just a place to [...]

What You Probably Do Not Know About Application Penetration Testing!

Most companies nowadays put their information on the cloud, not on physical systems. This information could include sensitive customer and client information, processes, insider secrets, research and development. There is an inherent risk that these data and information could be compromised, more so if you use applications both on the Web and internally that have [...]
