What systems did the attacker access?
Will your company ever ask this question? Hopefully the FBI does not call you … As Jim Aldridge from Mandiant says in this youtube video the first thing that will…
The 8th network layer is always a problem
As everyone knows – there are 7 OSI network layers. Microsoft explains And this is my favorite Open Source Interconnect (OSI) diagram: So what do I mean about the “8th…
2Q report by IBM X-Force, 23% of websites vulnerable.
CSRF or Cross Site Request forgery is the highest likely method of attack Broken Authentication is second And cross-site scripting(XSS) is third SQL Injection as well as security misconfigurations are…
more pentesting tools in the toolkit
Hydra, w3af, Scapy are all good as well. We can create our own scans using scapy – as we can create our own scan reviews depending on the environment that…
Pentesting – what is it actually?
Penetration testing are several acts on various computers and systems. First in “recon” one checks the public profile of the company. Use scan tools, nmap, hping, scapy, burp suite, and…