Tuesday, October 29, 2024

Webapp Pentesting

Web Server Penetration Testing Checklist – 2024

Web server pentesting is performed under three significant categories: identity, analysis, and reporting vulnerabilities such as authentication weaknesses, configuration errors, and protocol relationship vulnerabilities. 1.  "Conduct a series of methodical and repeatable...

ReconAIzer: OpenAI-based Extension for Burp Suite

Burp Suite, the renowned Bug Bounty Hunting and Web Application Penetration Testing tool, has been improvised with many extensions over the years. Many of...

HackerOne Lays off 12% of Its Employees as a One-Time Event 

HackerOne is a renowned cybersecurity company that offers bounty and penetration testing platforms to ethical hackers for the following activities:-Asset discoveryContinuous assessmentProcess enhancement for...

Web Application Pentesting – Manual SQL Injection With Error Based String Method

SQL injection is the code injection technique to gain access to the database(MySQL, MSSQL, Oracle etc). Owasp 2018 Release still describes this injection as an A1...

Burp Suite 2023.8 Released – What’s New!

The updated Burp suite scanner has new add-on features and bug fixes that enhance the scanning process's overall performance.Burp Suite is an integrated platform/graphical...

8 Best Web Security and Hacking Software for Security Professionals in 2024

Hacking software is not only used by hackers for criminal activities but it's equally used by white hat hackers and security professionals to identify...

Web Application Attacks – Types, Impact & Mitigation – Part-2

With this article, we list some of the common Web Application Attacks part-2, impacts, and possible mitigation. In part -2 we are covering the...

Burp Suite New GraphQL API to Detect Hidden Endpoints

The Burp Scanner's new GraphQL capabilities allow it to recognize known endpoints, locate hidden endpoints, determine whether introspection or recommendations are enabled, and report...

Scanning for OWASP Top 10 With w3af – An Open-source Web Application Security Scanner

w3af is an open-source web application security scanner (OWASP Top 10) that enables developers and penetration testers to distinguish and exploit vulnerabilities in their...

Web Application Pentesting with Manual SQL Injection – Integer Based

Today we will perform manual SQL injection with an integer-based method for the MySQL database. I hope the last article on error-based string injection...

How to Perform Manual SQL Injection With Double Quotes Error-Based String Method

If you are trying to hack the databases with methods like single quotes error-based Manual SQL Injection, Integer based injection but the databases are not...