
Reverse engineering
Python for Web application security professionals
Introduction: Python is an open source, interactive, object-oriented programming language. It's very easy to learn and an extremely powerful high-level langu

Hacking
Vulnerability Assessment of SNMP Service – Part 4
Background: This is the fourth article on vulnerability assessment of SNMP service. So far we've covered the basics, discovery, and data extraction using va

Digital forensics
Vulnerability Assessment of SNMP Service – II
Background: This is our second article in a series on vulnerability assessment of SNMP Service. In the previous article, we learned how we could set up a SN

Digital forensics
Vulnerability Assessment of SNMP Service – I
Background: This is the first article out of a series of articles that I am planning to write on vulnerability assessment of SNMP Service. SNMP – also known

Hacking
Running Metasploitable2 on VirtualBox
Metasploitable is a Linux-based vulnerable virtual machine. It is designed especially for people interested in learning system exploitation. Rapid7 maintains

Application security
Embedding Security in Procurement Process & Vendor Contracts – Part 2
Background: In the previous article, we've covered how to implement security in procurement process and vendor contracts. There are 3 different aspects to m

Application security
Embedding Security in Procurement Process and Vendor Contracts
Background: Every organization has a procurement process. Some of the software products acquired by an organization are COTS (Commercial Off The Shelf) Solu

Application security
An Introduction to Data Masking
Background: Dealing with Production Data is a challenge, but most organizations around the world have safeguards in place which secure the production enviro

Application security
Building Security in Requirements
Background: Every software application or product is developed based on business expectations. If we want to build a secure product or application, it is ine

Application security
Introduction to application risk rating & assessment
Understanding today's threat landscape and looking at the pace with which organizations are adopting secure development practices, there seems to be a huge g