Mitigate OWASP Top 10 Android Risks with Static Analysis
With the widespread use of mobile applications and the growing concern for mobile app security, it has become crucial for developers to ensure the integrity and security of their Android…
With 2.5 billion Android users across 190 countries, the digital expansion offers limitless opportunities for businesses. But along with opportunities come the challenges that plague the digital world. The digital…
The window.postMessage() method, provided by the Window interface in web browsers, serves as a pivotal tool for enabling secure cross-origin communication between distinct browsing contexts. This method is instrumental in…
WebSockets allow the client/server to create a bidirectional communication channel. Then the client and server communicate asynchronously, and messages can be sent in either direction.
We can see a nice UI. In this application, there are 8 missions with minimal instructions provided. We can click on the check button after each attempt; if it changes…
Reconnaissance (aka recon), a pen-testing process, is crucial in a black-box penetration test. Recon is important for exploring an area to gather confidential information. A recon would provide…
Every Android app must have an AndroidManifest.xml file that describes essential information about the application: its components, package name, permissions, and hardware and software requirements.
Hey guys, I hope you are doing well. Every pentester is always keen on learning Active Directory. This article is about how we can set a basic Active Directory…
Static code analysis examines source code and identifies bugs before the program is run. Vulnerabilities are identified in the source code through static source code analysis (SSCA); developers use…
Attackers use SSRF, a web application vulnerability, to make the server-side application send a request to an arbitrary domain, usually one the attacker chooses.