In this article, we will discuss one of the most seen vulnerabilities in web-based applications, which is — Reflected XSS....

Zed Attack Proxy is an open-source security software written in Java programming language and released in 2010. It is used to scan web applications and find vulnerabilities in it. It was started as a small project by the Open Web Application Security Project (OWASP) and now it is the most active project maintained by thousands of individuals around the globe. It is available for Linux, Windows, and mac in 29 languages. It can also be used as a proxy server like a burp suite to manipulate the request including the HTTPS request. Daemon mode is also present in it which can later be controlled by REST API....

In this article, we are going to learn about one more attack vector in detail which are very important to learn in this world of lots of Web and Mobile Apps....

In this article, we will understand one of the types of Cross-Site Scripting in-depth, i.e. Stored XSS....

The growing demand for the CyberSecurity domain in the tech world has increased the need for cybersecurity professionals in the industry, giving rise to various career opportunities to people interested in making their career in the cybersecurity sphere. However, as people are still not much aware of the career options in the cybersecurity field, there is too much confusion amongst the people while planning to start a career in it.  Though, out of many professions in this particular sector, Cybersecurity Consultant is one of the most exciting and challenging jobs for the aspirants....

Spear Phishing and Whaling both are different type of Email phishing attacks that attackers use to steal your confidential information. This confidential information might include login credentials, credit & debit card details, and other sensitive data....

Phishing is a kind of cyberattack that is used to steal users’ information including login details and credit card numbers. Most of the data breaches involve scams seeking to steal people’s sensitive information or login credentials, which is a type of phishing attack. A phishing attack can be carried out with the help of fake emails and cloning legitimate websites and tricking the user into revealing sensitive information....

Stories of organizations paralyzed by cybersecurity threats and vulnerabilities are at their peak. According to a report published by Symantec Corp, India is one of the top five countries that have become the victim of cyber crime.  Nowadays, modern technologies such as cloud computing, IoT, cognitive computing, etc. are categorized as the critical assets of any organization. With the increase in the use of advanced technology and interconnected applications, there is a rapid spike not only in businesses but also in threats and vulnerabilities as well....

MD5 is a cryptographic hash function algorithm that takes the message as input of any length and changes it into a fixed-length message of 16 bytes. MD5 algorithm stands for the message-digest algorithm. MD5 was developed as an improvement of MD4, with advanced security purposes. The output of MD5 (Digest size) is always 128 bits. MD5 was developed in 1991 by Ronald Rivest....

In cryptography, the avalanche effect is a term associated with a specific behavior of mathematical functions used for encryption. Avalanche effect is considered as one of the desirable property of any encryption algorithm. A slight change in either the key or the plain-text should result in a significant change in the cipher-text. This property is termed as avalanche effect....

1. Scareware : Scareware is a form of malware that is malicious software that poses as legitimate computer security software and claims to detect a variety of threats on the affected computer that do not actually exist. The users are then informed that they have to purchase the scareware in order to repair their computers and are barraged with aggressive and pop up notifications until they supply their credit card number and pay up the desired amount for the worthless scareware product....

1. Virus : A virus is a malicious executable code attached to another executable file which can be harmless or can modify or delete data. When the computer program runs attached with virus it perform some action such as deleting a file from the computer system. Virus can’t be controlled by remote....