Thick Client (Desktop) Application Penetration Testing – Part-2

Privilege Escalation using RegShot DLL Hijacking Sensitive information in Memory (Dumping connection string from Memory) Let’s try to log in with this credential using HeidiSQL: Remediation: Sensitive information should be encrypted. If encryption is not possible, use obfuscation techniques based on the application’s severity. Passwords In Registry Remediation: Encrypt passwords before storage, or store garbage …

Thick Client (Desktop) Application Penetration Testing

Introduction Thick client (Desktop) application penetration testing is the process of evaluating the security of a thick client application by simulating attacks to identify vulnerabilities. A thick client application, also known as a fat client, is a software program that runs on a local machine and communicates with a server or a database to perform …

Docker Unverified Container Images

“Welcome to the world of containers! Docker has revolutionized the way we deploy and run applications. But have you ever heard of the term “Docker Unverified Container Images”? Well, buckle up, folks! In this blog post, we’ll dive into the ins and outs of Docker unverified container images & why it’s important to take caution …

Docker Minimal Base Image

Have you ever found yourself feeling weighed down by the size of your Docker images? It’s like carrying a fully loaded backpack on a hike – sure, it might have all the gear you need, but it can also slow you down and make the journey less enjoyable. That’s why we recommend using a Docker …