Privilege escalation practical example with mitigations.
In role based applications, a penetration tester should always ensure that he tests for privilege escalation. Let's take an example of a...
top of page
6 days ago6 min read
What are the authorization test cases?
1. Insecure Direct Object References (IDOR) : Imagine you have a web application where each user has an account page with a unique number...
0 views
6 days ago1 min read
How will you test Forgot password functionality ? and what are common issues
Verify that the "Forgot Password" link/button is prominently displayed on the login page. Check that the user is directed to the correct...
0 views
6 days ago1 min read
How to install DVWA in Kali Linux?
Following tutorial demonstrates a simple way of installing DVWA in Kali https://www.youtube.com/watch?v=PaB17Cc0dUg
2 views
6 days ago2 min read
How do you attack a login page?
Test Cases: Here are the following ways in which we can attack a login page: Source Code and Wappalyzer - Using source code, it might be...
0 views
6 days ago1 min read
What is Parameter pollution?
Parameter pollution is a security vulnerability that can occur in web applications when user supplied data, such as query parameters,...
0 views
Nov 153 min read
What are the test cases for an ecommerce website and Banking website
Before we start with the test cases for the Banking website, let’s understand the functionality of Banking web app: The banking web...
1 view
Nov 151 min read
Explain different HTTP methods: PUT,PATCH,DELETE,POST,GET,TRACE,TRACK,OPTIONS
PUT: This method is used to update an existing resource on a web server. For example, if you want to update a user's profile information,...
1 view
Nov 135 min read
OWASP top 10 explained for dummies?
Open Web Application Security Project (OWASP) is a non-profit organization dedicated to address security threats. They address top 10...
0 views
Nov 132 min read
What is XXE and its mitigation?
XXE stands for XML External Entity and before we understand the attack, lets understand what is XML first: XML (eXtensible Markup...
1 view
bottom of page