An SSL handshake is a process that happens when a user's web browser connects to a website using the HTTPS protocol. This process...

Testing Scope, timeline, and support At the beginning of the Network Security Testing process, the penetration tester understands the...

The approach to test web application is as follows: 1. Application walkthrough and scope of testing: At the beginning of the Web...

Authentication is the process of verifying the identity of a user, device, or system. It ensures that the person or entity trying to...

Open Web Application Security Project (OWASP) is a non-profit organization dedicated to address security threats. They address top 10...

CVE (Common Vulnerabilities and Exposures) is a list of unique identifiers for known security vulnerabilities. It provides a standardized...

XXE stands for XML External Entity and before we understand the attack, lets understand what is XML first: XML (eXtensible Markup...

Before going forward with session hijacking, let's deep dive into what a session is. A session is a unique token which establishes a...

Cookies are small files that websites store on a user's computer to remember certain information about that user. Cookies can have...

File inclusion is a type of vulnerability that can exist in web applications. It occurs when a web application allows a user to include a...