There are two approaches we can follow while performing configuration review: Automated Approach using Nessus: 1. Tool Configuration:...

The SSL handshake is the negotiation between the two parties or can say that the communication between the client (web browser) and the...

OSI or Open-System Interconnection Model is a reference model which describes seven layers that computer systems use to communicate over...

In a computer science or network a port can be defined as both physical and logical. A port acts like a door through which data can flow...

Burpsuite is an integrated, user-interface proxy tool which is used to perform security testing of web applications or websites. It is...

The Open Web Application Security Project or OWASP is an international non-profit organization that produces freely available articles,...

The following are the fundamental nmap commands and their purpose as follows: Basic scan techniques: Scan name and their purpose NMAP...

JSON Web Tokens (JWTs) are widely used for authentication and authorization in web applications. However, like any technology, they can...

Reconnaissance is one of the most important steps in web application penetration testing as this step gives us a good idea about the...

Vulnerability, risk, threat, likelihood, and impact are crucial concepts that help experts understand, assess, and mitigate potential...