Application Security, Technology
We have seen a lot of applications where some sub-domains or sub-directories are publicly exposed (intentionally or by mistake). So, with experience from our past pentests, we have made a habit of testing for vulnerable or accessible sub-domains. During one such test, I was manually testing the URLs of different sub-domains of the application and […]
Application Security, Technology
During a recent penetration test on one of our client’s applications, we came across a case of malicious file propagation through the application server. The attack does not require an authenticated session. The vulnerable section is accessible by unauthenticated users. The attack involves an attacker submitting a malicious request (a malicious file is uploaded by […]
We have clearly witnessed a sharp inclination towards providing a superior customer experience by most companies within the last couple of years. Some companies plan on investing huge funds in glorifying their customer retention strategies; while some others plan on scaling up their technological integration. An important factor, inter alia, which would overhaul UI/UX radically […]
I came across a scenario where we have to stream Videos On Demand (VOD) using Amazon CloudFront and Amazon Simple Storage Service (S3). The on-demand streaming is done using the CloudFront Content Delivery Network (CDN). The videos to be served are stored on Amazon S3. I have designed a secure architecture for the same setup. The […]
Canvas is a very powerful tool for drawing graphics using scripting, but it needs a basic understanding of HTML and JavaScript. A basic description of Canvas is here: The HTML5 Canvas element is an HTML tag like the <div>, <a>, or <table> tag, with the exception that its contents are rendered with JavaScript. So, what I am […]
Whether you are a lazy programmer dreaming to achieve more by doing less or a super serious database professional aspiring to make a mark in the land of DATA, Indexing is THE thing you can’t afford to live without. Why? Because of the following: Performance. Unbelievably better performance. Performance better than James Bond!!!!! Yes database indexing […]
The latest entrant in the world of technological development is the microservice architecture, also abbreviated as MSA. It would not be completely illogical to think of the MSA as a refined version of a Service Oriented Architecture (SOA), which has been the go-to approach of most enterprises as the needs and demands of […]
Social media channels are proliferating at a rapid pace. While Facebook, Twitter and LinkedIn arrested the most socioholics, newer channels like Vine & Snapchat are gearing up with coolio strategies to outperform these. Malcolm Gladwell’s book, “The Tipping Point”, inspired me to write about the sudden rise and fall of the social channels & marketing […]
Background: On December 18, the Transportation Ministry of Indonesia, led by Ignasius Jonan, banned the operation of the country’s app-based transport service providers. The minister claimed that, as these ride-hailing apps do not fulfill the requirements for being public transportation, they were being banned. The general director of land transportation, Djoko Sasono, said […]