From time to time I will post articles here related to Software Development & Cyber Security, including tutorials, code reviews, best practices, shared experience, etc.
Published on: July 4, 2016 11:30 am | Comments: none | Tags: Application, OWASP, Project, Security, Top 10, Vulnerabilities, Web
This post describes the development of Web technologies from a security perspective. It presents organizational initiatives such as OWASP and their projects, such as the Top 10 Vulnerabilities.
Published on: May 24, 2016 11:30 am | Comments: none | Tags: Department of Defense, Exploit, Pentagon, Stored XSS, Vulnerability
A Stored XSS vulnerability was found on the main U.S. Department of Defense website. More precisely, the vulnerability was in their Frequently Asked Questions (FAQ) page. On that page, users can register a profile and ask questions, which an administrator will eventually answer. The user registration form had many Stored XSS vulnerabilities, one of which is demonstrated in a video.
Published on: March 10, 2016 9:00 am | Comments: none | Tags: Bank, Gabriel, Hack, Incident, Information Security, Intrusion, Kevin Mitnick, The Art of Intrusion
This report presents and analyzes an information security incident in a bank system. Hacking a bank can be the most intriguing adventure for a hacker as well as a great challenge. The report walks through, step by step in a timeline, how the attacker got into the bank’s network. It also describes the countermeasures the bank should have taken to protect itself from this kind of attack and other possible attacks.
Published on: February 22, 2016 9:00 am | Comments: none | Tags: Network, Planning and Design, Subnet, Technical Report, VLAN, VLSM, Wireless Roaming, WLAN
This report analyzes the requirements and objectives of a fictional university for expanding its network. All requirements are inspected in detail, and a recommended solution for the overall network design is provided, following the TCP/IP model in a bottom-up approach. The aim of this report is therefore to provide a detailed network planning and design specification for the new part of the network.