Penetration Testing Archives | NuHarbor Security

Web App Vulnerability Basics: Insecure Direct Object Reference

Jun 18, 2020 | Penetration Testing

This is an article in a series on Web Application Vulnerability Basics. What Is Insecure Direct Object Reference? Insecure Direct Object Reference, also known as IDOR, is a reference to an internal implementation object that is exposed to a user without proper...

Web App Vulnerability Basics: Cross-Site Scripting

Jun 11, 2020 | Penetration Testing

This is an article in a series on Web Application Vulnerability Basics. What Is Cross-Site Scripting? Cross-Site Scripting, also known as “XSS”, is a web exploit that allows an attacker to inject malicious content (such as markup, or scripts) into a web application....

Web App Vulnerability Basics: Cross-Site Request Forgery

May 28, 2020 | Penetration Testing

This is an article in a series on Web Application Vulnerability Basics. What Is Cross-Site Request Forgery? Cross-Site Request Forgery, also known as CSRF and XSRF, is a web application attack that tricks a victim into submitting a malicious request to a web app that...

Web App Vulnerability Basics: Path Traversal

May 21, 2020 | Penetration Testing

This is an article in a series on Web Application Vulnerability Basics. What Is a Path Traversal Attack? Path traversal, also known as directory traversal and backtracking, is an exploit that allows an attacker to access files on a web server that they are not...

Breach of the Week: War Stories With Eric

May 21, 2020 | Cybersecurity, Penetration Testing, Podcast, Uncategorized

Pwned Breach of the Week – War Stories with Randy

May 14, 2020 | Cybersecurity, Penetration Testing, Podcast, Vulnerability Scanning

Pwned Breach of The Week: Your Online Dating Data Is Ready to Mingle

Apr 30, 2020 | Case Study, Cybersecurity, eCommerce Fraud Prevention, Penetration Testing, Podcast

How Can Infrastructure Penetration Testing Help Your Business?

Apr 2, 2020 | Penetration Testing

An Infrastructure Penetration Test is one of the best ways to discover weaknesses, vulnerabilities, misconfigurations, and threats located within your infrastructure. To conduct a Penetration Test, highly skilled engineers utilize the same tactics, techniques, and...

Exim Server Vulnerabilities

Jun 24, 2019 | Cybersecurity, Penetration Testing, Tenable, Vulnerability Scanning

By: Justin Fimlaid What is an Exim server? An Exim server is a mail transfer agent used on Linux like operating systems. Exim is a free software and used by as much as 57% of the Internet email servers. Over the past couple weeks it has been noted that a heavy amount...

What is a SHA-1 Collision Attack?

Jun 10, 2019 | Cybersecurity, Penetration Testing, Vulnerability Scanning

By: Justin Fimlaid What is SHA-1 and what is the history of SHA-1? Originally SHA-1 was developed as part of a U.S. government capstone project. The first version of SHA was SHA-0 and that was developed in 1993 as the Secure Hash Standard. SHA-0 was originally...

« Older Entries

ASSESSMENT & ADVISORY

REDSEC

PROFESSIONAL SERVICES

SECURITY CERTIFICATIONS

COMPLIANCE ASSESSMENTS

Web App Vulnerability Basics: Insecure Direct Object Reference

Web App Vulnerability Basics: Cross-Site Scripting

Web App Vulnerability Basics: Cross-Site Request Forgery

Web App Vulnerability Basics: Path Traversal

Breach of the Week: War Stories With Eric

Pwned Breach of the Week – War Stories with Randy

Pwned Breach of The Week: Your Online Dating Data Is Ready to Mingle

How Can Infrastructure Penetration Testing Help Your Business?

Exim Server Vulnerabilities

What is a SHA-1 Collision Attack?

Recent Posts

Most Popular

Categories

Archives

Pin It on Pinterest