blog

Our Latest Blogs

Explore our latest blog posts and stay secure in a digital world.

Facebook Like Widget – Spammers Tool???
January 1, 2014
Pentests

Now a days, I get very curious to look at view-source of website where Facebook’s Like button is embedded. But why should I do this? Isn’t facebook Like button trusted? This is right.. Huh!!! The answer is NO. If there is a mismatch in the domain (you are visiting) and facebook’s Like button then there is surely a problem and it is a spam page.

Configuring ModSecurity with OWASP CRS – Part II
December 9, 2013
Pentests

The next step is to configure ModSecurity with OWASP CRS (Core Rule Set) rules.

.NET Inherent Protection against CSRF
December 7, 2013
Pentests

Cross Site Request Forgery is one of the most happening attacks over the internet today. The attackers find it easy to exploit as it does not require any authentication information, session cookies but only require the user to be authenticated to the application. And this works on every platform.

Pentesting Thick Client Apps
October 13, 2013
Pentests

Pentesting thick client applications is not a new concept instead the techniques adopted are new and interesting. I’m a bit lazy on explaining what thick client apps are, please refer here for more info. GTalk, Pidgin, Skype, MSN are few examples of thick client applications.

Configuring ModSecurity with OWASP CRS – Part 1
October 6, 2013
Pentests

We were motivated to write about it when few of our clients just instantly asked us about blocking all known malicious web attacks at web server level itself. We quickly suggested them an open source, reliable WAF solution that suffice to their requirement. Obviously, just installing WAF does not mean that you do not need application security controls.

Automating Nessus Capabilities
August 23, 2013
Tools & Techniques

In the process of automating network scans for large networks there is a necessity to automate Nessus scans as well. The major advantage and most important point of this automation is that it allows you to do a Schedule scan in Home Feed version (which is only available in Pro feed) and the easiest part is your scans would run as if you are running from your Nessus web interface client.

Subscribe to our newsletter

Join our newsletter today and enhance your knowledge with valuable insights. It's quick, easy, and free!

Be a Team Player
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.