Category: penetration-testing

Case Study: Bank Safeguards Mobile Assets with NowSecure
App Vetting, banking

A fast-growing regional bank embarking on digital transformation lacked insight into the risks associated with the mobile ...

Independence Is Not a Dirty Word
bug-bounty, BugBountywriteup

Note: The following article was published on 16/01/2017 on //FogMarks.com. Credit: //www.picpedia.org/highway-signs/i/independence.html. As promised in the last case-study, today we are going to see a very interesting ...

When I found error logs through debug information (cgi scripts) and ws-ftp log
bug-bounty, BugBountywriteup

During the assessment, I have found the debug URL on xyz.com which is disclosing the worldwide real-time error logs.

Writeup — HackTheBox Writeup
BugBountywriteup, penetration-testing

Writeup retires this week, was a pretty easy box with an interesting privesc technique. I’ll start off by finding a disallowed entry in robots.txt ...

HacktheBox — Writeup
BugBountywriteup, CTF

This is a write-up on how I solved Writeup from HacktheBox. //www.hackthebox.eu/home/machines/profile/192 Hack the Box is an online platform where you practice your penetration testing skills. As always, I ...

The ROI of Automated Mobile App Security Testing
Automated security testing, DevSecOps

When you look at the numbers behind the business case for automated mobile app security testing as ...

Pentesting an IOT based Biometric Attendance device
BugBountywriteup, iot

During one of the Red Team engagements, I got a chance to pentest a Biometric attendance device which was often used by the client to ...

Sensitive Information Leak Lead To join any Organisation
bug-bounty, BugBountywriteup

Disclaimer: The sole purpose of this article is educational and for testing of your own applications. This is not intended for piracy or any other non-legal ...

Stories Of IDOR
bug-bounty, BugBountywriteup

Hello, Welcome Back. This is going to be a Series, where I will Share My Findings. What Is IDOR: Insecure Direct Object References occur when an application provides direct access to objects based ...