Samrat Das

February 8, 2018
web services and api part 2

Web Services and API Penetration Testing Part #2

Welcome readers to Part 2 of Web Services Penetration Testing. In this part, we will take a quick look into the various test cases, tools, and […]
January 6, 2018
web service API security part 1

Web Services and API Penetration Testing Part #1

Hi Readers, today we will learn about another interesting part of web services and API penetration testing part, this revolves around Security assessments of web services. […]
January 1, 2018
Thick Client Penetration Testing

Intercepting thick clients sans domain: Thick Client Penetration Testing – Part 5

For carrying out penetration testing assessments, our main aim has been to resolve the actual domain to the loopback IP address, by adding an entry to […]
January 1, 2018
Dark Web

Dark Web: Accessing the hidden content Part #2

Using I2P to access the dark web – Part #2 I2P Intro: According to Wikipedia, The Invisible Internet Project (I2P) is an anonymous network layer that allows for  peer […]
December 30, 2017
Dark Web: Accessing the hidden content

Dark Web: Accessing the hidden content Part- 1

  Curiosity towards hidden and unknown things is natural to people. For the general folks, Internet is existence of websites indexed via popular search engines like […]
December 18, 2017
Fileless malware

Fileless malware- the ninja technique to spread malwares using default os tools

What are fileless malwares? Fileless malware are not typical malwares that probe directly or indirectly to install software on a victim’s machine and then execute. Instead, […]
December 1, 2017
Cryptocurrency Mining Scripts Harnessing

Cryptocurrency Mining Scripts Harnessing your cpu memory via Browsers

Hidden MiningWebsites are increasingly using JavaScript-based cryptocurrency miners to monetize by levying the CPU power of their visitor’s PC to mine Bitcoin or other cryptocurrencies. Scenario […]
December 1, 2017

Gain Root without Password- macOS Sierra

A critical vulnerability has been discovered in macOS High Sierra allowing any user to get root access on a mac system without any passwords. In order […]
November 15, 2017

Exploiting Browsers using PasteJacking and XSSJacking Vulnerability

Hi Readers, in the field of penetration testing, we all know attacks such as Clickjacking, Cross Site Scripting etc. These are attacks from most  OWASP Top […]
Enable Notifications.    Ok No thanks