Hello & Welcome Everyone!! Today in this blog we are going to discuss CSV Injection. Before starting the discussion, we will first understand what a CSV file is, what CSV injection is, etc. What is a CSV file? CSV is an acronym for “Comma…
Tag: penetration testing


Information Security Monthly Newsletter – Dec 2018
The newsletter consists of a high-level executive summary of most of the important news, articles, data breaches and Microsoft patch details that have been published on information security. Each news item is very briefly summarized and includes a reference on the web for detailed information. We…

Android Mobile Application Penetration Testing
Android is a mobile operating system developed by Google, designed mainly for touchscreen devices such as smartphones and tablets. The Android operating system was originally released on 23rd September 2008. There are a total of 11 versions of the Android operating system available to date, from Gingerbread to Pie….

XML External Entity Attacks
XML External Entity (XXE) is an attack in which an application processes user-provided data without disabling references to external resources; this is due to a weakly configured XML parser for the document type declaration (DTD). The XML parser in the application supports external references by default even though…

Information Gathering through MS-Office Macros
Hi Readers, in this post we discuss how Microsoft Office Word macros can be used to gather information about a remote system. A macro is a series of commands or instructions grouped together as a single command to accomplish a task automatically. These are seen in…

Best Practices for Securing Crypto Currency Exchange
In our last blog on crypto we discussed a case study related to penetration testing of a crypto exchange. Today we are going to discuss the best security practices for securing crypto exchange sites. Web Application Level 1) Implement two-factor authentication at login and…

IMPINJ SPEEDWAY R420 RFID READER
IMPINJ is an organization which connects billions of everyday items such as apparel, medical supplies and automobile parts to consumer and business applications such as inventory management, patient safety, and asset tracking. The Impinj platform uses RFID to deliver timely information about these items to…

Invoice Plane V 1.5 Cross Site Scripting Vulnerability-CVE-2017-18217
ISECURION is actively involved in securing open source applications, dedicating our time, talent and resources for the greater good. It was never a severity or name based hunt for us; we are involved in security testing of all types of platforms in information security such…

Case Study – Penetration Testing Crypto Currency Exchange
Recently we performed a pentest for a crypto currency exchange site, and below is the complete case study of the engagement. Case Study – Penetration Testing Crypto Currency Exchange Introduction: This case study of a start-up company in India who have started Crypto currency exchange…