August 26, 2016

Google Cloud Print ClickJacking Vulnerability

Last weekend, I had a chance to use the Google Cloud Print service and found a Clickjacking vulnerability. Obviously, the X-Frame-Options response header was missing as shown in […]
July 18, 2016

vBulletin SQL Injection Exploit in the Wild CVE-2016-6195

vBulletin SQL Injection Exploit is released. On June 18th, vBulletin forum pushed a patch for the SQLi injection, which is still working on the number of […]
July 17, 2016

Firefox 47.0 Memory Access violation Crash – FIXED

We were working on Firefox browser automation for opening some URLs for malware analysis. We used the combination of Python and Selenium to […]
June 26, 2016

Attacking Metasploitable-2 Using Metasploit

While I was working around with Metasploit recently, I stumbled upon these very interesting exploits in which we could attack Metasploitable-2 using Metasploit. What got me […]
June 1, 2016

MongoDB security – Injection attacks with php

Before we move on to the MongoDB injections, we must understand what MongoDB exactly is and why we prefer it over other databases. As MongoDB does […]
May 17, 2016

SecureLayer7 Gratis PenTest Summer 2016

SecureLayer7 Gratis PenTest Summer 2016 You can now receive free penetration testing for 6 days! What is this about? Your open source software project stands a […]
April 21, 2016

Backdoor PHP code WordPress

We have detected a Backdoor PHP code. It is often hidden in the WP writable directory. This backdoor is used to send PHP code execution. […]
April 7, 2016

Everything About Windows Application Phone Penetration Testing – Part 1

Presently, I am working on the Windows application for finding security flaws in the application. When I kick-started the application testing, I didn’t find any good […]
February 25, 2016

How to fix CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflow

Red Hat released a patch for CVE-2015-7547 glibc: getaddrinfo stack-based buffer overflow. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A […]