Cloud based applications Penetration Testing

Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more. But most of the organizations are in a notion that security is a service providers job. Yea, I do agree but at the same time we are also responsible to ensure the security of the application which we put on cloud. Conducting Penetration Testing on your own application on Cloud should be done meticulously.  Continue reading

How one can embark on the journey of Penetration Testing

I just wanted to give you an overview how one can be a Penetration Tester. I’m not gonna talk about career opportunities here since I do believe that a security enthusiast will always be passionate about information security, having a sense of how networks works and systems works. So, this article will shed some light for Quality Assurance, Test Automation engineers, enthusiasts who have a dream to start their journey to becoming a Penetration Tester.

Penetration Testing is a practice of testing a system, network, or Web application to find out the vulnerabilities where an attacker could exploit or sift through a loop hole in the system. Most of the organizations hire penetration testers to be a part their internal security teams, where they can test products or systems for exploitable security flaws and assure security.
Often people ask me how to start with. I know, this is the hardest of all as it is quite tricky to find the source to kick off from the basics. Although there exists tons of books and other sources which will teach you how to perform penetration testing, web application testing. I will start with few cornerstones and essential skills required. I know it would be bit uncertain when you start reading but to set realistic expectations of what one would expect from a security analyst to my solitary view. Don’t be discouraged if you don’t have all the essential skills which I’ve listed here but rather pop the hood by learning them. Continue reading

Types of Network & Topology

Types of Networks

I’ll just make you to skim through types of network and topology. I’m not gonna discuss every nook and cranny of Networking concepts here. Generally Networks were categorized based on the geographical size. I repeat again, based on it’s geographic distance but not the numbers of systems you have. So we have few types in it.

LAN: A Local area network is a network in which computers are relatively close together, such as within the same office or building. But again this doesn’t mean that LAN is a small network, LAN may have thousands of systems connected. What makes a network a LAN is that all those systems are within close proximity to each other. You need an example? You ever played Counter Strike LAN Gaming? if not, never mind, just think about your office or may be cyber cafe.

Continue reading