Scanning a large website very often takes a long time. Using the default settings, Acunetix Web Vulnerability Scanner will first try to identify all the pages using various crawling techniques, and will then proceed to scan the pages that have ... [+]
Google Hacking is a hacking technique used by hackers to identify web security vulnerabilities on web applications or gather information for general or individual targets. Mostly this information includes configuration and source code files, sensitive data, database information, etc. This … [+]
In the late 90’s, businesses embraced the internet; they connected their networks and servers to the internet so their data can be accessed from anywhere around the world. This was a new era that gave businesses the opportunity to grow … [+]
Incident response is the art (and science) of responding to computer security-related breaches. Interestingly, most organizations I deal with don’t have a documented incident response plan. The last thing you want to do during and after a security breach is … [+]
Can you believe it’s time again for those New Year’s resolutions? It’s always great to start the New Year with a fresh set of to-do items that you’re finally going to get around to doing. The problem, however, is that … [+]
Recently somebody posted on Reddit about a WordPress scanner that is taking advantage of a new WordPress vulnerability. The vulnerability is abusing the Pingback system, which is a well-known feature that’s used by a lot of bloggers. What is a … [+]
Successful web security testing is not as simple as point and click. Unfortunately, many people treat it as such. The thought process goes something like this: 1. Load web vulnerability scanner. 2. Enter URL to scan. 3. Click Go. 4. … [+]
Update: Seems to be working on TP-Link Routers as well (tested on TL-WR841N). Update2: Arcor EasyBox A600 also seems vulnerable. Opening a legitimate looking email on an iPhone, iPad or Mac while using an Asus router with a default or guessable password … [+]
Directory listing is a web server function that displays a list of all the files when there is not an index file, such as index.php and default.asp in a specific website directory. … [+]
Even the best websites are vulnerable to hacking. Though web security continues to improve, hackers are constantly developing new ways to attack and disable corporate and government sites. Hackers are now attacking web-based applications, including shopping carts, webforms, login pages … [+]
A client of mine recently asked me if I had any Web development related tips for dealing with Personally Identifiable Information (PII). With this being an information security 101 type question, I had to think about it for a bit. … [+]
