Microsoft IIS short file name enumeration is a technique used to discover the filenames and directories on a web server running IIS. This method exploits a feature in IIS related to how it handles file and directory names. This vulnerability is kind of the gift that keeps on giving. As of writing, it’s been around
In this part of the guide we go over more of the MobSF output for the YouTube APK
Welcome to the final entry in our OWASP Top Ten Series – Software and Data Integrity Failures. If you haven’t read any of the previous ones, check them out. Among the OWASP Top Ten entries, Software and Data Integrity Failures have emerged as a formidable category that encapsulates a range of issues where assumptions about
Affordable Penetration Testing: A Necessity, Not A Luxury In today’s interconnected world, it’s not a question of if your business will face a cyber threat, but when. As cyber threats continue to evolve, businesses of all sizes find themselves in the crosshairs of potential attacks. But for small and medium-sized enterprises (SMEs), the idea of
If you haven’t read the previous entry in the Mobile Application Penetration Testing series, check it out. In this post we will start in with a frequently use mobile application security tool – MobSF. This is a tool that you’ll pretty much want to use on every mobile test that you do. As said before,
Welcome to the first of many parts of our series on Mobile Application Penetration Testing. We wanted to write this series because it seems like a lot of the material out there on mobile application penetration testing is out of date, wrong, or lacking. Furthermore, when it comes to mobile application penetration testing, there are
Introduction Credential stuffing is a form of cyberattack where attackers use automated scripts to try a large number of username and password combinations (usually obtained from previous breaches) on multiple websites, hoping that individuals have reused their credentials. While this attack method is not sophisticated, its simplicity and effectiveness make it a go-to strategy for