Category Archives: General Security

Security Testing for the QA

As a professional QA engineer it’s a part and parcel of one’s day to day life to test the limits of the application in terms of functional and non-functional requirements. This tutorial focuses on understanding and implementing security testing methodologies in your day to day testing so that the most common security threats and vulnerabilities… Read More »

Being a Pen-tester

In this post, we cover some brutal tips to become a successful pentester! First, Get your basics right! Are you already a great system administrator who understands the nuances of many operating systems, or a professional developer who has a deep background in one or more languages? – If yes, this is a huge advantage.… Read More »

Exploit writing for beginners – Sabari Selvan

The following post explains about basics of exploit writing for beginners by Sabari Selvan of E-hacking news. Sabari Selvan is an Information Security Researcher who has more interest in PenTesting and Malware analysis. – See more at: The post explains the following: a) What is exploit writing b) Impact of exploits c) Introduction to… Read More »


OSINT stands for Open Source Intelligence. In this article we cover the most important OSINT tools for a security researcher. Basically, OSINT tools are used in the reconnaissance phase to gather as much information about the target as possible. These tools have an artificial intelligence to mine data from the web about all possible matches… Read More »

Advanced Persistent Threats – Attack and Defence

Advanced Persistent Threats (APT) was originally coined while nations were involved in cyber-espionage. These techniques are used by cyber-criminals to steal data for monetary gains. Unlike other threats, these threats are advanced, often targeted, persistent in nature, and evasive too. APTs target particular organizations unlike other usually found malwares, which sweep down random millions of… Read More »

Security Audit Tools

In this photo story segment we cover the brief overview of internal security audit tools. These tools are ranging from port scanners to exploit development frameworks, be it web applications or network components, this segment shows you some of the must have tools for a successful security audit. 1.      Maltego: Following the well defined hacker… Read More »