Performing a penetration test against an API is very similar to performing a penetration test against a web application. Both applications use web technologies and have basically the same type of vulnerabilities. However, an API does not always offer a user interface to communicate which makes testing it more difficult. ...
A WAF is one of the most recommended security solutions for web applications. This solution was made to stop known and unknown attacks against websites. However, cyber security researchers have discovered many techniques on how to bypass those firewalls and successfully exploit vulnerabilities. So, what are the most powerful web ...
After years of experience in penetration testing, I can say that one of the best things that can happen during a penetration test is to find a security misconfiguration. Unfortunately, when you look for these vulnerabilities on Google all that you get is theories or discussions and explanations of such ...
DDOS attacks are one of the easier and most popular attacks that can a website or server in general faces. The number and the power of those attacks are at rising years after years due to the number of vulnerable devices that get connected to the internet. Therefore, everyone needs ...
As an old developer and a penetration tester, between all the vulnerabilities I have seen in my whole experience in both fields file upload was the most difficult one to fix and the most dangerous. The difficulty resides in the number of things you should check before allowing a file ...
Being a passionate penetration tester gives you the courage and the willingness to test all possible and new attacks against your target. Therefore, to be able to perform those new attacks you must always be up to date with any new techniques will developing yours. However, the most difficult type ...
Losing your website even for an hour is in many cases a disaster for companies, and I worked with many clients that were in such a situation, and trust me you don’t want to be there. Therefore, the main question here is how do I save my website from getting ...
Undoubtedly, ChatGPT stands out as one of the most remarkable inventions of 2021. Its wide-ranging capabilities and applications have opened up endless possibilities for human interaction and problem-solving. Furthermore, certain users have begun employing ChatGPT for the actual execution of smart contract audits. However, can ChatGPT audit a smart contract? [...]
