Samrat Das

February 8, 2018

Web Services and API Penetration Testing Part #2

Welcome readers to Part 2 of Web Services Penetration Testing. In this part, we will take a quick look into the various test cases, tools and […]
January 6, 2018

Web Services and API Penetration Testing Part #1

Hi Readers, today we will learn about another interesting part of web services and API penetration testing part, this revolves around Security assessments of web services. […]
January 1, 2018

Intercepting thick clients sans domain: Thick Client Penetration Testing – Part 5

For carrying out penetration testing assessments, our main aim has been to resolve the actual domain to the loopback IP address, by adding an entry to […]
January 1, 2018

Dark Web: Accessing the hidden content Part #2

Using I2P to access the dark web – Part #2 I2P Intro: According to Wikipedia, The Invisible Internet Project (I2P) is an anonymous network layer that allows for  peer […]
December 30, 2017

Dark Web: Accessing the hidden content Part- 1

  Curiosity towards hidden and unknown things is natural to people. For the general folks, Internet is existence of websites indexed via popular search engines like […]
December 18, 2017

Fileless malware- the ninja technique to spread malwares using default os tools

What are fileless malwares? Fileless malware are not typical malwares that probe directly or indirectly to install software on a victim’s machine and then execute. Instead, […]
December 1, 2017

Cryptocurrency Mining Scripts Harnessing your cpu memory via Browsers

Hidden MiningWebsites are increasingly using JavaScript-based cryptocurrency miners to monetize by levying the CPU power of their visitor’s PC to mine Bitcoin or other cryptocurrencies. Scenario […]
December 1, 2017

Gain Root without Password- macOS Sierra

A critical vulnerability has been discovered in macOS High Sierra allowing any user to get root access on a mac system without any passwords. In order […]
November 15, 2017

Exploiting Browsers using PasteJacking and XSSJacking Vulnerability

Hi Readers, in the field of penetration testing, we all know attacks such as Clickjacking, Cross Site Scripting etc. These are attacks from most  OWASP Top […]