December 1, 2017
A critical vulnerability has been discovered in macOS High Sierra allowing any user to get root access on a mac system without any passwords. In order […]
Samrat Das December 1, 2017SecureLayer7 Lab is important part of company. We release the most of the research work under this section. The goal of the lab is to share the information with readers and to educate them. If you have any questions, please email [email protected].
- All
- 3CX
- 3CX Supply Chain
- Account takeover vulnerability
- Active Directory Pentest
- Analyzing Security Vulnerabilities in XWiki
- Android Penetration Testing
- android pentesting
- Android Security
- API Penetration Testing
- API Security
- AppSec vs DevSecOps
- ASP.net Umbraco Security
- Automated Penetration Testing
- Automated Scanning
- AWS Penetration Testing
- Azure Penetration Testing
- Blue team
- bootstrapped startups
- Breach and Attack Simulation
- BugDazz
- ChatGPT
- cheap pentesting
- cheap pentesting for bootstrapped startups
- Cloud Penetration Testing
- Cloud Security
- Cloud Vulnerabilities
- Complete Guide
- Compliance
- Compliance Penetration Testing
- Cpanel Security
- CVE Releases
- Cybersecurity
- Cybersecurity Due Diligence
- Cybersecurity in Healthcare
- cybersecurity mistakes
- Data Security
- Deserialization
- DevSecOps
- Disclosure
- DNS Rebinding
- Events
- External Penetration Testing
- GDPR
- Google Cloud Platform
- GoPhish
- Gratis 2017
- Healthcare
- HIPPA
- HTTP Parameter Pollution
- HTTP Request Smuggling
- Insecure Direct Object Reference
- Internal Penetration Testing
- iOS Penetration Testing
- IoT penetration testing
- IoT Security
- Java Application
- Jobsatsecurelayer7
- Joomla Security
- JSON Web Token
- JSON Web Token Misconfiguration
- JWT
- Knowledge-base
- Kubernetes
- Kubernetes Security
- Latest Data Breach News
- Metasploit
- mongodb-security
- Nessus Explorer
- Network Penetration Testing
- Network Penetration Testing Tools
- Network Pentest Tools
- Network Security
- Network Security Assessment
- Network Security Best Practices
- Network Security Threats
- News
- OAuth
- OAuth Security
- OAuth2.0 Misconfiguration
- Offensive security
- OWASP
- OWASP Top 10
- OWASP Top 10 Web Application Security Risks
- password recover vulnerabilties
- pen-test reports
- Penetration Test Cost
- Penetration Testing
- Penetration Testing comapnies
- Penetration Testing companies
- Penetration Testing Tools
- Phishing
- Process for Network pentesting
- Prototype Pollution
- Purple Team
- Python Application
- Ransomware Attack
- RCE
- red team
- red team vs blue team
- Remote Code Execution
- Research
- SecureLayer7 Lab
- SecureLayer7 Services
- Security Advisory
- Serialization
- Server-Side Request Forgery
- small business
- smart contract audit
- Social Engineering Attacks
- Software Security
- SQL Injection
- Supply Chain
- Telehealth
- Telehealth Services
- Tools
- top cloud security penetration testing companies
- vbulletin security
- Vulnerability
- Web Application Penetration Testing
- Web Application Security
- Web3 Penetration Testing
- Webinar
- Website Penetration Testing
- Website Security
- Windows Application Penetration Testing
- WordPress Vulnerability Àssessment
- Working with Securelayer7
Samrat Das December 1, 2017September 15, 2017
Reverse Engineering is an fascinating art of playing with low level code. In this article, we will see a hands-on tutorial for patching an exe file […]
Samrat Das September 15, 2017September 3, 2017
Hi Readers, This article is about Burp Suite Macros which helps us in automating efforts of manual input payload fuzzing. While it may be known to […]
Samrat Das September 3, 2017August 28, 2017
This blog covers Cross-Site Scripting (XSS) vulnerability from a different perspective. Generally, XSS is when the application takes user supplied JavaScript and displays it without escaping/encoding. […]
Saurabh Banawar August 28, 2017August 6, 2017
Static Analysis/ Reverse Engineering for Thick Clients Penetration Testing 4 Hi Readers, let’s take a look into static analysis. The advantage which thick clients offer over […]
Samrat Das August 6, 2017August 5, 2017
Thick Client Penetration Testing – 3 covering the Java Deserialization Exploit Resulting Remote Code Execution Welcome Readers, in the previous two blogs, we have learnt about […]
Samrat Das August 5, 2017July 29, 2017
After getting the basics of thick client pentest, let’s delve into the very first steps you can take to commence thick client pentest. Interception and setting […]
Samrat Das July 29, 2017July 29, 2017
Why thick client penetration testing? Thick client applications are not new having been in existence for a long time, however if given to perform a pentest […]
Samrat Das July 29, 2017August 26, 2016
Last weekend, I had a chance to use the Google cloud print service and found Clickjacking vulnerability. Obviously, X-Frame-Options response header was missing as shown in […]
Admin August 26, 2016