A common question in web application tests is whether it is necessary to scan the admin interface. Users with an average level of rights can't log in anyway, so you can't expect a threat from that direction. But is that really so?Are we in danger?The admin...
The non-profit Open Web Application Security Project (OWASP) is a foundation which works to improve software security. It was launched on December 1, 2001 and since then it has been helping developers continuously with free guides and resources.WSTG 4.1, of courseThe...
The developers have delivered, the web application is ready. It works great, the design is also amazing – but who decides if it is safe enough? Who can we contact to get an independent opinion? It depends on the source code tooLife has not stopped at developer...
The purpose of grey box testing is to look for vulnerabilities resulting from improper design or improper use of applications. The grey box test is a combination of white box and black box testing. With this method, we most often examine applications and networks...
The red team is a team of external experts who usually carry out real attacks on IT systems at the request of senior management without the knowledge of the IT department. In attacks, “everything is worthwhile” that does not threaten the collapse of the...
