Web Security Dynamic Analyses with OWASP ZAP

What is Dynamic Security analysis ? Dynamic application security testing (DAST) is examine the security application in the running sate and trying to poke it and prod it in unexpected ways in order to discover security vulnerabilities.[1] What is OWASP Zap ? The OWASP Zap attacking proxy is one of the most popular free security [...]

Static Code analysis

What is Static Code analysis  Static Code analysis(Source code analysis) is usually performed as part of Code review and carried out at the software implementation phase of a Secure Software Development life Cycle (Secure SDLC).Static code analysis falls under white Box testing when considering  different type of the testing approaches.Static code analysis commonly refer to running [...]

Introduction to penetration Testing

What is penetration testing? Penetration testing ,often called “pentesting”,”pen testing”,is the practice of attacking your or your client's IT Systems and infrastructure in the same way hacker would identify the security holes but without actually  harming the System. The person carrying out pentartion test is called a penetration tester or pentester. IMPORTANT: Penetration require to [...]