
cybersecurity researcher 》 programmer 》web developer》 pentester 》hacker》 bug hunter

Level 0

Just log in via SSH

century1:century1

Level 1

The password for Century2 is the build version of the instance of PowerShell installed on this system.

We can get it from the PowerShell automatic variable $PSVersionTable

Name…


The best-case scenario for an attacker is for attacks on an application to go unnoticed: this gives the attacker the confidence to carry out consecutive attacks on the same application, which could provide enough time to fully compromise the system. …


What is Using Components with Known Vulnerabilities?

Components such as libraries and frameworks used within the app almost always execute with full privileges. If a vulnerable component is exploited, it makes it easier for the hacker to cause serious data loss or a server takeover.

Exploitability of the risk…


Introduction

Today, developing web applications sometimes requires transferring data for storage, communication, logging, etc. Applications have to prepare and send data to each other, so the data is quite important, especially financial data, health data and so on.

Applications should transfer data with the same data format; it makes the application convert to…


In this blog we are going to learn about security misconfiguration from the OWASP Top 10. We have been learning this for the past month, and today we came to the 7th one. Let's learn about misconfiguration through the picture.

API security anti-pattern for Security Misconfiguration

Security misconfiguration is commonly a result of

  • insecure default configurations
  • incomplete or ad-hoc configurations
  • open cloud storage
  • misconfigured HTTP headers
  • unnecessary HTTP methods
  • permissive Cross-Origin Resource Sharing (CORS)
  • and verbose error messages containing sensitive information

The good thing is that it is relatively easy to fix security misconfiguration and considerably improve API security as a result.

If you have any doubts, please ping me on Instagram (__fazalurrahman__).

Cheers….!


Before we talk about Broken Access Control, let’s get to grips with Access Control.

Access Control is the access control — including the right to access information in the system.


Traditionally, computers are connected to each other using cables — creating a network. The cable used most often is Ethernet, which consists of four pairs of wires inside of a plastic jacket. It is physically similar to phone cables, but can transport much more data.

But cables and computers alone…


Routers do the majority of the hard work on a network — they make the decisions about all the messages that travel on the network, and whether to pass messages to and from outside networks. There are three main functions:

Separate and Bridge

Routers separate networks into sections, or bridge…


An important relationship on networks is that of the server and the client. A server is a computer that holds content and services such as a website, a media file, or a chat application. A good example of a server is the computer that holds the website for Google’s search…


In order to send and direct data across a network, computers need to be able to identify destinations and origins. This identification is an IP — Internet Protocol — address. An IP address is just a set of four numbers between 1 and 254, separated by dots. …

Fazal
