What is your methodology and approach when testing a web application which is using Wordpress?
Before moving forward with the approach to test a wordpress website, let’s discuss what is a wordpress. So, wordPress is a widely used,...
top of page
5 days ago1 min read
What is the use of the Sequencer tab in Burpsuite?
Burp Sequencer is a sophisticated tool which is used to analyze the quality of randomness of data or tokens, specifically focusing on...
1 view
5 days ago3 min read
What are the common metasploit commands?
Metasploit Framework is one of the most powerful and leading penetration-testing tool written in Ruby, and also one of the biggest...
0 views
5 days ago1 min read
How to install and configure Burpsuite?
For download, visit this link and choose your Operating system: https://portswigger.net/burp/releases/professional-community-2022-8-1?req...
0 views
5 days ago2 min read
What is SSL handshake (for dummies) and how does it help in security https?
The SSL handshake is the negotiation between the two parties or can say that the communication between the client (web browser) and the...
0 views
5 days ago1 min read
Why Burpsuite is able to capture https traffic?
Burpsuite is an integrated, user-interface proxy tool which is used to perform security testing of web applications or websites. It is...
0 views
5 days ago2 min read
Owasp Top 10 2017 vs 2021
The Open Web Application Security Project or OWASP is an international non-profit organization that produces freely available articles,...
0 views
5 days ago3 min read
What are the different types of JSON web token attacks?
JSON Web Tokens (JWTs) are widely used for authentication and authorization in web applications. However, like any technology, they can...
0 views
5 days ago3 min read
How to perform reconnaissance on a web application? Explain the methodology of tools you use to perform reconnaissance?
Reconnaissance is one of the most important steps in web application penetration testing as this step gives us a good idea about the...
0 views
6 days ago1 min read
Approach towards testing a login page, reset password/verify email
Following test cases can be applied on the Login page: Bruteforce the login using cluster bomb attack. (both username / password) Use...
0 views
bottom of page