Cybersecurity Blogs | Briskinfosec
10th August 2022

What is the difference between Manual Penetration Testing versus Automated Penetration Testing?

The new normal has made the market bigger for digital transformation projects and strategies for moving to the cloud.

5th August 2022

What are the benefits of Cloud Penetration testing?

It all depends on how you perceive it to be. Most business owners feel that cloud space equals cloud security. Now, before I reveal the answer, let’s see the story below: Accenture is no doubt the biggest name in software.

2nd August 2022

Word-press plugin lightspeed caches security flaws and how to exploit them

WordPress plugin LiteSpeed Cache has a cross-site scripting vulnerability because it does not properly sanitize user input. An attacker can take advantage.

29th July 2022

XML Rpc Attack

Yes, I am talking about the U.S. Department of Defense getting hacked. Bibek Dhakal found that the xmlrpc.php file on the U.S. Department of Defense website had been turned on, leaving it open to an attack on other sites. The xmlrpc.php file in WordPress is turned on by default

6th October 2018

Cross Site Port Attack XSPA

A web application is vulnerable to Cross Site Port Attack if it processes client-provided URLs and does not sanitize the backend response received from remote servers before sending it back to the client.

4th May 2019

Null Byte SQL Injection

Null Byte Injection is an exploitation technique which adds URL-encoded null byte characters to user-supplied data. This injection process can alter the intended logic.

28th May 2019

CRLF Injection Attack

The term CRLF refers to Carriage Return (ASCII 13, \r) Line Feed (ASCII 10, \n). Carriage Return means the end of a line, and Line Feed refers to the new line. In simpler words, both of these are used to note the end of a line.

29th May 2019

Server Side Includes Injection

Server Side Includes (SSIs) are directives present on web applications, used to feed an HTML page of the application with dynamic contents based on user’s input.

30th May 2019

Detection and Exploitation of XML External Entity Attack XXE

XML External Entity Attack happens when an application allows an input parameter to be XML or incorporated into XML which is passed to an XML parser

30th September 2019

Growing Data Breaches And The Best Ways To Be Safe From Them

Data breaches – Unarguably, it’s a word that’s roaring predominantly and endlessly in each and every part of this digital world, without any precincts.

6th November 2019

Important Vulnerabilities And Smart Ways To Be Secured From Them

There’s a saying, “Change is the only thing that never changes!” Similarly, each and every year has a change.

29th April 2020

Evolution of Ransomware and the trends in 2020

Nowadays, the biggest danger that we come across, and one that we are about to face in the future, is the cyber threat: the crime that happens via the internet and technology.

3rd October 2018

Host Header Attack

Many web servers are commonly configured to host several websites or web applications on the same IP address. That’s why the Host Header Injection occurs.

12th May 2022

Json web token (JWS) and its exploitation

As an open standard, the JSON Web Token (JWT) defines a compact and self-contained method for securely transmitting information between parties as a JSON object (RFC 7519).

4th May 2019

How to secure your Github repository?

GitHub is a hosting platform which helps developers to collaborate in building software. It helps developers with source code management.

3rd October 2018

CWE-78 Improper Neutralization Of Special Elements Used In An OS Command Injection

OS command injection is a technique used via a web interface in order to execute OS commands on a web server. The user supplies operating system commands through a web interface in order to execute OS commands.

3rd October 2018

CWE-79 Improper Neutralization Of Input During Web Page Generation Cross-Site Scripting

Cross-site scripting (XSS) is one of the most prevalent, obstinate, and dangerous vulnerabilities in web applications.