What is Sniffing? Sniffing refers to the process of intercepting and capturing network traffic, often used by attackers to eavesdrop on sensitive data such as usernames, passwords, and confidential communications Sniffers can be either hardware or software installed on the system, and by setting one up on a network in promiscuous mode, a malicious intruder […]

What is OS Command Injection:- OS Command Injection is a type of security vulnerability that occurs when an attacker is able to execute arbitrary operating system (OS) commands on a server or web application by exploiting improper handling of user input. This vulnerability arises when user-supplied data is improperly sanitized or validated, allowing the attacker […]

What is HTTP request smuggling? HTTP request smuggling is a technique for interfering with the way a web site processes sequences of HTTP requests that are received from one or more users. Request smuggling vulnerabilities are often critical in nature, allowing an attacker to bypass security controls, gain unauthorized access to sensitive data, and directly […]

What is DOM XSS :- DOM XSS (Document Object Model Cross-Site Scripting) is a type of Cross-Site Scripting (XSS) vulnerability that occurs when an attacker is able to inject and execute malicious scripts within a website’s DOM (Document Object Model) in the user’s browser. Unlike traditional XSS, which typically occurs when untrusted data is injected […]

What is path traversal? Path traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an application. This might include: Application code and data. Credentials for back-end systems. Sensitive operating system files. What is path traversal vulnerability? A path traversal vulnerability (also known […]

With the rise in cybercrime, the demand for cybersecurity issues is getting higher with every passing day. The worst part is that it has affected the financial sector significantly especially for the regulated entities as well. On 14th January, 2024, SEBI or Securities and Exchange Board of India came out with an important clarification with […]

What is GitHub Dorking? With the help of advanced search queries on the Github you can find sensitive information or exposed information on GitHub repositories. GitHub search functionality helps to locate the publicly available codes, credentials, api-keys, configurations, and the data that could be sensitive. Why GitHub Dorking is Important ? Sensitive Data Exposure: GitHub […]

As the world becomes increasingly digitalized, the need for effective security measures becomes more apparent. The level of cyber security threat cannot be ignored, and as the cyber threats change its approaches, more and more skilled measures should be put in place to secure the key data. Perhaps the best way to strengthen security is […]

In this post, the reader will find many kinds of hackers: white hats, black hats, gray hats, script kiddies, hacktivists, nation-state hackers, cyber thieves, blue hats and purple hats. In order for us to improve on security and ethical hacking practice, it is very important to understand how and on what grounds they operate. 1.White […]

With the advent of the internet and new technologies, the activities of ethical hackers have become more useful now than at any other time in history. However, along with the undeniable benefits of technology, the concept of ‘cybercrime’ poses a real threat as well. To achieve the goal, it is important to understand where the […]