SILENT THREAT: Blind XSS affecting all Recurly instances

Our researchers were conducting a web application penetration test for one of our clients, and while modifying account data such as the first and last name fields, they discovered that these fields were not being properly sanitized. The vulnerable parameters could have been exploited to inject malicious JavaScript code, resulting in Stored XSS. Cross-Site Scripting (XSS)…


Burp Suite Certified Practitioner exam: Review and Insights

Since I recently passed the “Burp Suite Certified Practitioner” exam, I felt it would be useful to share some of my experiences and lessons learned with those who are considering taking this exam, or just interested in completing the PortSwigger Academy challenges. How Did I Prepare Despite the fact that I have spent several years…


How misconfigured and vulnerable devices could expose your company to physical and cyber threats

Recently, we were given the mission to conduct an internal and wireless security assessment for one of our clients. Following the discovery of vulnerabilities in their network security and the acquisition of access to their wireless infrastructure, we were able to carry out remote network scanning of their internal systems. After enumerating their running services…


Why Penetration Testing is Important

Penetration testing, also known as pentesting, is a simulated cyber attack on a computer system, network, or web application with the goal of finding security vulnerabilities that could be exploited by malicious hackers. In today’s rapidly evolving digital world, pentesting has become a critical component of any organization’s security strategy. In this blog post, we…
