application

How to Prevent OWASP Top 10 Vulnerabilities

Introduction to OWASP Top 10: The Open Web Application Security Project, or OWASP, is a nonprofit that strives to teach the cybersecurity industry (its practitioners, researchers, and developers) about prominent web application bugs and the risks they present. Every three or four years, OWASP reaches out to businesses and organizations with a high-level and wide-sweeping view of the most common and highest-risk vulnerabilities for feedback on common and emerging threats. These contributors …


Investigate various Attack on Web Application

This article explains the different types of web application attacks that a forensic investigator investigates. 1. Investigating Cross-Site Scripting (XSS) Attack: In an XSS (cross-site scripting) attack, the attacker exploits a vulnerability in the web application by injecting malicious script, mostly JavaScript, HTML, or CSS markup, into the web pages that are displayed in the user's browser. This takes place when the user clicks on the …


Understand Web Applications Architecture in Forensic Investigation

Understand Web Applications Architecture in Forensic Investigation: all web applications are executed via a supporting client, i.e. a web browser. For its execution, a web application uses a group of client-side scripts, such as HTML, JavaScript, etc., which present the information, and server-side scripts, such as ASP, PHP, etc., which handle the hardware tasks such as storing and gathering the required data. In the web application …


Introduction to Web Application Forensics

Introduction to Web Application Forensics: web applications are programs that exist on a central server, permitting a user who visits a website via the Internet to submit and retrieve data to and from a database. A web application makes a request through a web server. When the server responds to the request, the web application generates documents of the response for better client/user service. The web documents generated by web applications are …


Anti-Forensics Techniques: Password Protection

Anti-Forensics Techniques: Password Protection. A password refers to a collection of words, letters, numbers, and/or special characters used for security processes such as user authentication or to grant access to a resource. The password ensures that unauthorized users do not access the computer, network resources, or other secured information. In addition, data files and programs may require a password. Password protection shields information and protects networks, applications, files, documents, etc., from unauthorized users. Many organizations …


ISO 27001 Annex : A.14.2 Security in Development and Support Processes

ISO 27001 Annex : A.14.2 Security in Development and Support Processes. Its objective is to ensure the creation and implementation of information security in the information system development process. A.14.2.1 Secure Development Policy. Control – Regulations for software and system development should be laid down and applied to organizational developments. Implementation Guidance – Secure development includes a safe infrastructure, architecture, software, and system to be developed. The following considerations should be taken into account in a stable …


ISO 27001 Annex : A.14.1.3 Protecting Application Services Transactions

Control – ISO 27001 Annex : A.14.1.3 Protecting Application Services Transactions: in order to avoid incomplete transmission, misrouting, unauthorized message modification, unauthorized dissemination, unauthorized message replication, or replay, information concerning application service transactions should be covered. Implementation Guidance – Information security considerations for application service transactions should include the following: The use by each party involved in the transaction of electronic signatures; All transaction aspects, i.e. making sure: All parties’ information about the user’s secret authentication …


ISO 27001 Annex : A.14.1.2 Securing Application Services on Public Networks

Control – ISO 27001 Annex : A.14.1.2 Securing Application Services on Public Networks: Information about application services which pass through public networks should be protected against fraudulent activities, contract disputes, unauthorized disclosure, and modification. Implementation Guidance – Information security requirements will include the following for application services that cross public networks: Each party requires a level of trust in the identity claimed by the other, for example, through authentication; Authorizations for those who may authorize the …
