This blog post aims to introduce a few of the key OSINT techniques, look at who makes use of OSINT, explore how OSINT can be used in the cyber security space to aid in the enumeration phase of a web application security assessment.
We take a look at some of the World’s Strangest Hacks. From MI6 Mojito Cupcakes to a Godzilla rampage in San Francisco, there are plenty of weird breaches to explore!
Web application security testing is a key detective measure that helps to ensure that any issues that have been introduced during the application’s planning, design, development, and implementation are speedily detected and flagged for attention so that they can be addressed and remediated before an attacker can exploit them. This article explores the benefits of Web Application Security Testing and how it can help your organisation.
In this blog post, we look at how exactly session hijacking works in practice, the underlying mechanics of session management that permit it to occur, how attackers may choose to exploit the weakness when it is discovered, and how website users and site administrators can best safeguard themselves and their organisations against the exploit.
In this blog post, we investigate how and why HTTP parameter pollution is possible at all, how it can potentially be exploited to undermine web application security, and how it can be guarded against by developers, system architects and others.
Application Programming Interfaces or APIs have existed for decades. However, they have recently seen a significant expansion in usage from their traditional use within areas such as Business to Business (B2B) or partner integrations into several new areas. [read more…]
