Hello & Welcome Everyone!! Today in this blog we are going to discuss about CSV Injection. Before going to start the discussion we will first understand, what is CSV file, what is CSV injection etc. What is CSV file? CSV is an acronym for “Comma Separated Values” which is used…


Information Security Monthly Newsletter – Dec 2018
The newsletter consists of high-level executive summary of most of the important news, articles, data breaches and Microsoft patches details that have been published on information security. Each news item is very briefly summarized and includes a reference on the web for detailed information. We have tried to keep you…

Android Mobile Application Penetration Testing
Android is a mobile operating system developed by Google, designed mainly for the touchscreen devices like smartphones and tablets. Android operating system was originally released on 23rd September 2008. There are total 11 version of android operating system available till date from Gingerbread to Pie. The number of mobile users…

XML External Entity Attacks
XML External Entity (XXE) is an attack where application process user-provided data without disabling the reference to external resource this is due to the weakly configured XML parser for the document type declaration (DTD). XML parser in the application supports external reference by-default even though the application does not or…

Information Security Monthly Newsletter – Nov 2018
The newsletter consists of high-level executive summary of most of the important news, articles, data breaches and Microsoft patches details that have been published on information security. Each news item is very briefly summarized and includes a reference on the web for detailed information. We have tried to keep you…

Information Security Monthly Newsletter – Oct 2018
The newsletter consists of high-level executive summary of most of the important news, articles, data breaches and Microsoft patches details that have been published on information security. Each news item is very briefly summarized and includes a reference on the web for detailed information. We have tried to keep you…

Information Gathering through MS-Office Macros
Hi Readers, In this post discussing how Microsoft Office Word Macros can be used to gather information of a remote system. A Macro is a series of commands or instructions grouped together as a single command to accomplish a task automatically. These are seen in different applications of Microsoft Office…

Information Security Monthly Newsletter – Sep 2018
The newsletter consists of high-level executive summary of most of the important news, articles, data breaches and Microsoft patches details that have been published on information security. Each news item is very briefly summarized and includes a reference on the web for detailed information. We have tried to keep you…

Information Security Monthly Newsletter – Aug 2018
The newsletter consists of high-level executive summary of most of the important news, articles, data breaches and Microsoft patches details that have been published on information security. Each news item is very briefly summarized and includes a reference on the web for detailed information. We have tried to keep you…

Best Practices for Securing Crypto Currency exchange
In our last blog on crypto we discussed on a case study related to penetration testing of crypto exchange. Today we are going to discuss on best security practices for securing crypto exchange sites. Web Application Level 1) Implement Two factor authentication at login and withdrawal sections of the application…