Archives
Guess Cookie, Hijack Session!
In addition to my previous article, Old Cookies Die Hard, and the detailed disclosure of the LinkedIn vulnerability, I studied the cookie patterns from different websites. Many of these websites have complex patterns in their cookies, which are long (> 100 characters) and complex (A-Z, a-z, 0-9 and symbols). In the ideal case (Web Session Management [...]
Mar 23rd, 2013 | Filed under Hacking | Tags: acces code, application, cookie, design flaw, disclosure, hack, login, owasp, pentest, research, security, session management, vulnerability, web, webserver
PenTest – What to look for?
Published Source (PenTest Magazine, June 2011): http://pentestmag.com/june-issue-what-should-you-look-for/ Vulnerabilities are increasing by leaps and bounds, and any industry, technical or non-technical, has to grow its security in sync or else it is a highly vulnerable and lucrative target. There is news of data loss and breaches every now and then. A rough estimate of the growth of [...]
Feb 24th, 2012 | Filed under PenTest
Penetration Testing
All CXOs and security enthusiasts know this term: Pentest (Penetration Testing). What is pentesting and how has it evolved over the years? Is it catching up with the hackers of this century, or has this trend been sidetracked? Pentest, as per Wikipedia, is a method of evaluating the security of a computer [...]