What are CVE, CVSS, CWE scores?
CVE : CVE stands for Common Vulnerabilities and Exposures. In simple words it is a database of all the publicly disclosed cybersecurity...
top of page
5 days ago1 min read
What is Hashing and its practical examples?
Hashing is the process of converting an input into a hash value, think of it like a secret code that can be easily translated one way,...
0 views
5 days ago2 min read
What is symmetric and asymmetric encryption and what are the practical uses of the same?
In symmetric encryption, a single key is used which can encrypt plaintext into ciphertext as well as decrypt ciphertext into plaintext....
0 views
6 days ago1 min read
Approach towards testing a login page, reset password/verify email
Following test cases can be applied on the Login page: Bruteforce the login using cluster bomb attack. (both username / password) Use...
0 views
6 days ago1 min read
Privilege escalation practical example with mitigations.
In role based applications, a penetration tester should always ensure that he tests for privilege escalation. Let's take an example of a...
0 views
6 days ago1 min read
How Would You Monitor and Log Cyber Security Events
Monitoring and Logging Security Events is crucial for understanding and responding to potential security threats. In order to Monitor and...
0 views
6 days ago4 min read
What is vulnerability management? Explain the process
The vulnerability management process involves the objective to detect and mitigate vulnerabilities in the organization. It can be done...
0 views
6 days ago6 min read
What are the authorization test cases?
1. Insecure Direct Object References (IDOR) : Imagine you have a web application where each user has an account page with a unique number...
0 views
6 days ago1 min read
How will you test Forgot password functionality ? and what are common issues
Verify that the "Forgot Password" link/button is prominently displayed on the login page. Check that the user is directed to the correct...
0 views
6 days ago1 min read
What are the tools to learn ethical hacking / Penetration testing?
Following are two tools for beginners that will help in testing websites and networks: Burp Suite Nmap Nessus OWASP ZAP JohnTheRipper...
0 views
bottom of page