security tools Archives - Krishna Gupta

CWE-113: HTTP Response Splitting – A Comprehensive Guide for Penetration Testers

31 January 202531 January 2025 by Krishna

HTTP Response Splitting is a web application vulnerability that occurs when an attacker is able to manipulate HTTP headers to split the response sent to the client. This manipulation exploits the way headers are processed by web servers and browsers, allowing attackers to inject malicious content into the response stream. The result can be a range of attacks, from cross-site scripting (XSS) to cache poisoning and web cache poisoning, all of which can disrupt business operations, damage brand reputation, and compromise sensitive data.

Rogue Software: Securing Your Business from the Threat of Fake Security Apps

23 October 202423 October 2024 by Krishna

Rogue software refers to malicious software that appears legitimate but is designed to deceive users into purchasing unnecessary security products or divulging confidential information. These programs often masquerade as antivirus tools, system optimisers, or ransomware protection. However, instead of securing systems, rogue software compromises them, making it harder for businesses to protect their data and assets.

When Trust Turns to Trouble: Unveiling the Peril of Watering Hole Attacks for C-Suite Leaders

15 July 2024 by Krishna

The name “watering hole” aptly reflects the attack strategy. Attackers meticulously research and identify websites – industry publications, online forums, software download portals – frequented by their target audience.