Knowledge-base

January 21, 2022

Webinar – Mobile app pen testing: Understanding Android apps and how to secure them

With 2.5 billion Android users across 190 countries, the digital expansion offers limitless opportunities for businesses. But along with opportunities come the challenges that plague the […]

December 22, 2021

postMessage(): common issues and how you can mitigate them?

Introduction to postMessage(): The application uses the window.postMessage() method to allow cross-origin communication between different window objects. This method provides a way to circumvent the […]

December 17, 2021

WebSocket: common vulnerabilities plaguing it and managing them.

What is WebSocket? Efficient two-way communication protocol. WebSocket is stateful where HTTP is stateless. Two main parts: handshake and data transfer. WebSockets allows the client/server to […]

November 19, 2021

Sharpening your FRIDA scripting skills with Frida Tool

FridaLab Tool is an Android application specially created to hone Frida scripting skills on Android. These challenges include: changing a hard-coded variable; modifying the return value […]

November 15, 2021

Recon: an important part of penetration test for finding vulnerabilities

Reconnaissance (aka Recon), a pen-testing process, is crucial in a Black Box Penetration test. A Recon is important for exploring an area to gather confidential information. […]

November 8, 2021

Learn about Android WebView and its Vulnerabilities

What is Android WebView? Android WebView, an Android system component, allows Android apps to load or display content remotely. Note: It isn’t a full-fledged browser: […]

October 28, 2021

How do you set up an Active Directory in Windows

Hey guys, I hope you are doing well. Every pentester is always keen on learning Active Directory. This article is about how we can set […]

October 19, 2021

Static Code Analysis: An important process for finding vulnerabilities

Static code analysis analyses source code and identifies the bugs before the program is run. Vulnerabilities are identified in the source code through Static source code […]

October 13, 2021

Double-check Inputs to Avoid SSRF Vulnerability

Attackers use SSRF, a web application vulnerability, to make the server-side application send a request to an arbitrary domain; usually, attackers choose the domain. Server-Side […]