We (Cyber Security and Privacy Foundation) have developed a vulnerable Java-based web application. This app is intended for Java programmers and other people who wish to learn about web application vulnerabilities and write secure code. The full course on Hacking and Securing Web Java Programs is available at https://www.udemy.com/hacking-securing-java-web-programming/ Warning: Don’t run […]
Category: Penetration Testing
Finding a Qualified Penetration Tester for Your Site
The penetration testing industry is enjoying an upsurge as more high-profile security breaches are reported in the media, such as the recent LinkedIn password debacle, and companies scramble to tighten up their systems. Done correctly, pen testing can illuminate security flaws in a network by utilizing the skills and viewpoint of an external third party, […]
CVE-2012-2122: Exploiting authentication bypass vulnerability in MySQL and MariaDB
The news about the vulnerability in MySQL and MariaDB is spreading like wildfire. I have covered this vulnerability in E Hacking News as a news article. Here, I am going to share the same thing from the perspective of a penetration tester. The MySQL and MariaDB versions 5.161, 5.2.11, 5.3.5 and 5.5.c2 are affected versions. The […]
DOM Based Cross Site Scripting(XSS) vulnerability Tutorial
So far I have explained the traditional cross-site scripting that occurs because of insecure server-side code. In this post, I am going to explain the DOM-based cross-site scripting vulnerability. If you don’t know what cross-site scripting is, then I recommend you read the basics from here. Before explaining about […]
The Art of Human Hacking -Social Engineering(SE) tutorial series
Hello BTS readers, here we come with an interesting tutorial written by my friend Mr. Ashish Mistry, who is the founder of Hcon and author of the ‘HconSTF’ project. Hello all, after a long time I have started writing again, in the hope that my belief in “sharing the spirit of learning” is fulfilled well. So from […]
Complete Cross site Scripting(XSS) cheat sheets : Part 1
We are producing this XSS cheat sheet after collecting the codes from hackers’ techniques and different sites, especially http://ha.ckers.org/xss.html . This is a complete list of XSS cheat codes which will help you to test XSS vulnerabilities and is useful for bypassing filters. If you have any different cheat codes, please send your code. Basic XSS […]
E Hacking News & PenTest Partnership announced!
We’re proud to announce that we’ve just partnered with PenTest Magazine! About PenTest Magazine: PenTest Magazine is a weekly downloadable IT security mag, devoted exclusively to penetration testing. It features articles by penetration testing specialists and enthusiasts, experts in vulnerability assessment and management. We cover all aspects of pen testing, from theory to practice, from […]
How to do Cookie Stealing with Cross site Scripting Vulnerability ? : XSS Tutorials
Hope you are now familiar with the XSS vulnerability (if you don’t know what it is, read the beginners XSS tutorial). It is my fourth article about XSS vulnerability testing (pen testing)! Today I am going to explain how an attacker exploits an XSS vulnerability and steals cookies from users. Warning!!! BTS does not take responsibility, if anyone, […]
Bypassing the XSS Filters : Advanced XSS Tutorials for Web application Pen Testing
Hi friends, last time I explained what XSS is and how an attacker can inject malicious script into your site. As I promised earlier, I am writing this advanced XSS tutorial for you (still more articles will come). Sometimes, website owners use XSS filters (WAF) to protect against XSS vulnerabilities. For example: if you […]
What is Penetration Testing and Pen Testing Distribution?
Penetration testing (pen testing) is the act of evaluating the security of a system or network by exploiting vulnerabilities. This will determine whether unauthorized or malicious activity is possible in a system. Vulnerabilities uncovered through pen testing will be presented to the system’s owner. Why Penetration Testing? Penetration testing can identify the vulnerabilities that are not […]