January 11, 2017
What is a DOM (Document Object Model)? DOM is a W3C (World Wide Web Consortium) standard. It is a platform independent interface that allows programs and scripts to […]
Sandeep Kamble January 11, 2017- All
- 3CX
- 3CX Supply Chain
- Account takeover vulnerability
- Active Directory Pentest
- Analyzing Security Vulnerabilities in XWiki
- Android Penetration Testing
- android pentesting
- Android Security
- API Penetration Testing
- API Security
- AppSec vs DevSecOps
- ASP.net Umbraco Security
- Automated Penetration Testing
- Automated Scanning
- AWS Penetration Testing
- Azure Penetration Testing
- Blue team
- bootstrapped startups
- Breach and Attack Simulation
- BugDazz
- ChatGPT
- cheap pentesting
- cheap pentesting for bootstrapped startups
- Cloud Penetration Testing
- Cloud Security
- Cloud Vulnerabilities
- Complete Guide
- Compliance
- Compliance Penetration Testing
- Cpanel Security
- CVE Releases
- Cybersecurity
- Cybersecurity Due Diligence
- Cybersecurity in Healthcare
- cybersecurity mistakes
- Data Security
- Deserialization
- DevSecOps
- Disclosure
- DNS Rebinding
- Events
- External Penetration Testing
- GDPR
- Google Cloud Platform
- GoPhish
- Gratis 2017
- Healthcare
- HIPPA
- HTTP Parameter Pollution
- HTTP Request Smuggling
- Insecure Direct Object Reference
- Internal Penetration Testing
- iOS Penetration Testing
- IoT penetration testing
- IoT Security
- Java Application
- Jobsatsecurelayer7
- Joomla Security
- JSON Web Token
- JSON Web Token Misconfiguration
- JWT
- Knowledge-base
- Kubernetes
- Kubernetes Security
- Latest Data Breach News
- Metasploit
- mongodb-security
- Nessus Explorer
- Network Penetration Testing
- Network Penetration Testing Tools
- Network Pentest Tools
- Network Security
- Network Security Assessment
- Network Security Best Practices
- Network Security Threats
- News
- OAuth
- OAuth Security
- OAuth2.0 Misconfiguration
- Offensive security
- OWASP
- OWASP API Top 10 Security Risks
- OWASP Top 10
- OWASP Top 10 Web Application Security Risks
- password recover vulnerabilties
- pen-test reports
- Penetration Test Cost
- Penetration Testing
- Penetration Testing comapnies
- Penetration Testing companies
- Penetration Testing Tools
- Phishing
- Process for Network pentesting
- Prototype Pollution
- Purple Team
- Python Application
- Ransomware Attack
- RCE
- red team
- red team vs blue team
- Remote Code Execution
- Research
- SecureLayer7 Lab
- SecureLayer7 Services
- Security Advisory
- Serialization
- Server-Side Request Forgery
- small business
- smart contract audit
- Social Engineering Attacks
- Software Security
- SQL Injection
- Supply Chain
- Telehealth
- Telehealth Services
- Tools
- top cloud security penetration testing companies
- vbulletin security
- Vulnerability
- Web Application Penetration Testing
- Web Application Security
- Web3 Penetration Testing
- Webinar
- Website Penetration Testing
- Website Security
- Windows Application Penetration Testing
- WordPress Vulnerability Àssessment
- Working with Securelayer7
Sandeep Kamble January 11, 2017November 22, 2016
Overview OWASP TOP 10 Cross-Site Request Forgery #8 is a vulnerability which is very commonly found in many web applications these days. And it is also […]
SecureLayer7 Lab November 22, 2016October 27, 2016
On Tuesday Joomla announced the security for the critical Joomla vulnerability which allows attackers to create account CVE-2016-8870 and escalate the privilege CVE-2016-8869 due to inadequate […]
SecureLayer7 Lab October 27, 2016October 20, 2016
I am a customer of YesBank and I hold my savings account with them. I also use the YesBank’s online banking application and I strongly feel that […]
Admin October 20, 2016October 1, 2016
To learn about Race Conditions Vulnerability, let us start with an example – Imagine yourself in a bus, where all the seats are occupied and several […]
SecureLayer7 Lab October 1, 2016August 26, 2016
Last weekend, I had a chance to use the Google cloud print service and found Clickjacking vulnerability. Obviously, X-Frame-Options response header was missing as shown in […]
Admin August 26, 2016July 18, 2016
vBulletin SQL Injection Exploit is released. On June 18th, vBulletin forum pushed a patch for the SQLi injection, which is still working on the number of […]
Admin July 18, 2016July 17, 2016
We were working on Firefox browser automation for opening some of the URL for the malware analysis. We used the combination of python and selenium to […]
Admin July 17, 2016June 26, 2016
In a recent investigation with Metasploit, fascinating exploits for targeting Metasploitable 2 came to light. The prospect of conducting a Metasploitable 2 walkthrough using Metasploit sparked […]
Sandeep Kamble June 26, 2016