Log4j – A Billion Device Vulnerability
Could you imagine that something very dangerous has been present in billions of devices since 2013 that can potentially take over more […]
Category: VAPT
Getting Started into the Network Security
The recent years have emphasised the importance of cyber security in a data-driven world where everyone, regardless of their size or mission, […]
Ultimate Guide To SQL Injection – Part I
Cybersecurity expert and hacker Jeff Forristal initially described the SQL injection attack in 1998. It has been more than two decades since […]
CVE-2022-30190 THE FOLLINA VULNERABILITY
Introduction To Follina (CVE-2022-30190) On May 27th, 2022, Nao_sec discovered a strange Word document uploaded from a Belarusian IP address. Apparently, this […]
Authentication and Authorization
As you recursively visit your local bank, there is a possibility that the bankers will recognize you by looking at you. Yes, […]
Insecure Direct Object Reference (IDOR)
Insecure Direct Object Reference (IDOR) was listed in the OWASP (Open Web Application Security Project) Top 10 back in 2007 and currently […]
Oauth A Feature To Vulnerability
Introduction There have been a huge increase in the number of web services in recent years, and these services must collaborate. You […]
Dependency Confusion – A Supply Chain Attack
Dependency confusion is a vulnerability which gained popularity in 2021 when Alex Birsan discovered it. It is one of the most impactful […]
Getting Started into Android Security
The availability of the Internet, lower data rates, and the easy use of mobile devices such as Android phones have been used […]
HTTP REQUEST SMUGGLING PART-2
Welcome to the part 2 of exciting HTTP Request Smuggling vulnerability ! In case, you have missed part 1 then here’s link […]
