HTTP request smuggling
Using HTTP request smuggling to hijack a user’s session...
Application Security
In this blog, one of our Application Security Auditors takes a look at the new HTTP request vulnerability, gives a...
What’s the difference: vulnerability scanning vs penetration testing
Application Security
Vulnerability scanning and penetration testing should be an essential part of your cybersecurity strategy. This blog discusses the above methods...
Account takeover vulnerability in Azure’s API Management Developer Portal
Application Security
How an Account Takeover vulnerability, discovered during a routine customer engagement, became a candidate for responsible disclosure, via the Microsoft...
How to find and fix jQuery vulnerabilities
Application Security
Using an outdated jQuery library can open up your web application to vulnerabilities. Read more to find out how to...
A pen tester’s guide to Content Security Policy
Application Security
In this article, we’ll look at Content Security Policy (CSP) through the eyes of a penetration tester. We will outline...