Feedbacks from Application Pentest
I have recently completed penetration testing of a SAP portal application for a customer. It was a short-time (5 days) assignment which required execution of tool-supported automatic pentest (with IBM...
View ArticleThe Web Application Security Check List in English
In my previous post, I did mention the web application security check list for auditors. The check list has been now translated into English. For the details, see the Google project site.
View ArticlePentesting of Authentication Bypass via SQL-Injection with Burpsuite Intruder
A login process containing SQL injection vulnerability can be bypassed by attackers. They need to manipulate username or password parameters and thus access to the application (even as administrator)...
View Article
More Pages to Explore .....