February 14, 2017
Published by Saurabh Banawar on February 14, 2017

OWASP Top 10 Details About WebSocket Vulnerabilities and Mitigations

Socket in a Nutshell A socket is an endpoint of a network communication. A socket always comes in 2 parts: An IP address and a port. […]
Saurabh BanawarSaurabh Banawar February 14, 2017
January 31, 2017
Published by Sandeep Kamble on January 31, 2017

PageKit Open Source CMS Penetration Test

Overview Under the SecureLayer7’s Gratis Pentest Summer 2016, our consultant “Saurabh Banawar” have performed the 2 days penetration testing on the PageKit open source CMS application. […]
Sandeep KambleSandeep Kamble January 31, 2017
January 11, 2017
Published by Saurabh Banawar on January 11, 2017

OWASP Top 10 : Cross-Site Scripting #2 DOM Based XSS Injection and Mitigation

What is a DOM (Document Object Model)? DOM is a W3C (World Wide Web Consortium) standard. It is a platform independent interface that allows programs and scripts to […]
Saurabh BanawarSaurabh Banawar January 11, 2017
January 8, 2017
Published by Prakash Dhatti on January 8, 2017

OWASP Top 10 : Penetration Testing with SOAP Service and Mitigation

SOAP Overview: Simple Object Access Protocol (SOAP) is Connection or an interface between the web services or a client and web service. SOAP is operated with […]
Prakash DhattiPrakash Dhatti January 8, 2017
January 7, 2017
Published by Saurabh Banawar on January 7, 2017

OWASP TOP 10: Security Misconfiguration #5 – CORS Vulnerability and Patch

What is the meaning of an origin? Two websites are said to have same origin if both have following in common: Scheme (http, https) Host name (google.com, […]
Saurabh BanawarSaurabh Banawar January 7, 2017
November 22, 2016
Published by Ishaq Mohammed on November 22, 2016

OWASP TOP 10 Cross-Site Request Forgery #8 – About CSRF Vulnerability and Fix

Overview OWASP TOP 10 Cross-Site Request Forgery #8 is a vulnerability which is very commonly found in many web applications these days. And it is also […]
Ishaq MohammedIshaq Mohammed November 22, 2016
October 27, 2016
Published by Shravan Kumar on October 27, 2016

Understanding Account Creation and Privilege Escalation Vulnerability in Joomla

On Tuesday Joomla announced the security for the critical vulnerability which allows attacker to create account CVE-2016-8870 and escalate the privilege CVE-2016-8869 due to inadequate checks […]
Shravan KumarShravan Kumar October 27, 2016
October 20, 2016
Published by Sandeep Kamble on October 20, 2016

Password Reset OTP Bypass Critical Vulnerability in YesBank Banking Application

I am a customer of YesBank and I hold my savings account with them. I also use the YesBank’s online banking application and I strongly feel that […]
Sandeep KambleSandeep Kamble October 20, 2016
October 1, 2016
Published by Ishaq Mohammed on October 1, 2016

Learn About Race Conditions Vulnerability

To learn about Race Conditions Vulnerability, let us start with an example – Imagine yourself in a bus, where all the seats are occupied and several […]
Ishaq MohammedIshaq Mohammed October 1, 2016
Prev page
1...7891011...13
Next page
Enable Notifications.    Ok No thanks