The Silence Before the Attack: The role of passive OSINT reconnaissance in pentesting A single domain, a few skilled analysts and passive OSINT reconnaissance can already be enough to outline an organisation’s digital exposure. We are not talking about exploits or...
Data Protection Day is observed every year on 28 January, marking the date on which the Council of Europe adopted Convention 108, the first international treaty on data protection. The purpose of the day is not to overwhelm people with legal jargon, but to help data...
A common question in web application tests is whether it is necessary to scan the admin interface. Users with an average level of rights can't log in anyway, so you can't expect a threat from that direction. But is that really so?Are we in danger?The admin...
The non-profit Open Web Application Security Project (OWASP) is a foundation which works to improve software security. It was launched on December 1, 2001 and since then it has been helping developers continuously with free guides and resources.WSTG 4.1, of courseThe...
The developers have delivered, the web application is ready. It works great, the design is also amazing – but who decides if it is safe enough? Who can we contact to get an independent opinion? It depends on the source code tooLife has not stopped at developer...
