Vulnerabilities in password-based login Username enumeration via different responses With Burp running, investigate the login page and submit an invalid username and password. In Burp, go to P...

Some acronyms: JOSE: Javascript Object Signing and Encryption The name of the working group JWT: JSON Web TOKEN JWE: JSON Web Encryption JWS: JSON Web Signature ...

Cloud Concepts Benefits of cloud computing Scalability: ability to accommodate a larger load by making the hardware stronger(vertical), or by adding nodes (horizontal) Elasticity: once a system ...

Cross-site scripting known as XSS is a web vulnerability in which malicious scripts are injected int benign and trusted websites. XSS occur when an attacker send malicious code in any user input fi...

“With Docker, developers can build any app in any language using any toolchain. “Dockerized” apps are completely portable and can run anywhere - colleagues” OS X and Windows laptops, QA servers run...

Lab 1 - SQL injection vulnerability in WHERE clause allowing retrieval of hidden data We need to retrieve hidden data so we search query’s in the web where we can inject some sql injection payloads...

A SQL injection is an attack in which the attacker executes arbitrary SQL commands on an application’s database by supplying malicious input inserted into a SQL statement. This happens when the inp...

Introduction In this tutorial we will cover vulnerability scanning and vulnerability remediation. These are two of the main steps in the Vulnerability Management Lifecycle. We will be using Nessus...

Cloud computing and IAM Types of Cloud Computing Infrastructure as a Service (IaaS) Provide building blocks for cloud IT Provide networking, computers, data storage space Highest level of...

Cloud Resume Challenge Setup AWS Create your aws account Setup MFA for your roor account Create an IAM user Assign permission (Principle of Least privilege) Setup Vault (https://github.com/99...