Microsoft IIS short file name enumeration is a technique used to discover the filenames and directories on a web server running IIS. This method exploits a feature in IIS related to how it handles file and directory names. This vulnerability is kind of the gift that keeps on giving. As of writing, it’s been around
In this part of the guide we go over more of the MobSF output for the YouTube APK
Welcome to the final entry in our OWASP Top Ten Series – Software and Data Integrity Failures. If you haven’t read any of the previous ones, check them out. Among the OWASP Top Ten entries, Software and Data Integrity Failures have emerged as a formidable category that encapsulates a range of issues where assumptions about
In the ever-evolving world of cybersecurity, businesses often come across terms like ‘vulnerability assessments‘ and ‘penetration testing‘. While they might seem interchangeable to the untrained eye, they serve distinct purposes. Both are critical components of a comprehensive security strategy, but they approach the task of safeguarding a network from different angles. Let’s dive into the
If you haven’t read the previous entry in the Mobile Application Penetration Testing series, check it out. In this post we will start in with a frequently use mobile application security tool – MobSF. This is a tool that you’ll pretty much want to use on every mobile test that you do. As said before,
Welcome to the first of many parts of our series on Mobile Application Penetration Testing. We wanted to write this series because it seems like a lot of the material out there on mobile application penetration testing is out of date, wrong, or lacking. Furthermore, when it comes to mobile application penetration testing, there are
Prior to reading this, please check out a previous blog of ours on how important an external penetration test is. Hey there, security enthusiasts and curious minds alike! Today, we are taking a deep dive into a topic that’s often buzzing around but isn’t always entirely understood – yes, we’re talking about Internal Penetration Testing