Burp Suite for Web App Pentesting: Tool Showcase

In the age of increasingly complex and functionality rich web applications, the tools we use to dynamically test the security of these applications need to be both flexible and intuitive. Sometimes referred to as the ‘Swiss army knife’ of web application security testing, Burp Suite, fits the bill perfectly, and it’s something we use when […]

What is the OWASP Top 10?

What is OWASP? The Open Web Application Security Project (OWASP) is a community-led nonprofit foundation committed to improving the security of software. For 20 years OWASP has been a repository for web application security resources including documentation, tools, videos, and forums, all of which are freely available and accessible via their website. One of OWASP’s […]

How to Test and Secure a WordPress Site

WordPress is the most popular content management system in the world with over 40% of all websites running on this open-source platform. Given its popularity, WordPress’s core source code is regularly reviewed and heavily dissected by its community, making the core software relatively secure when compared to custom-built web applications. However, this doesn’t mean that […]

Protecting Your Web Application From Brute-Force Login Attacks

Capitalising on simplicity, brute-force attacks have long been the noisy and least elegant method of exploiting authentication mechanisms. The origins of brute-force techniques date back to the wartime code breaking of Bletchley Park and have since evolved to become a well known but elementary approach attackers use to gain unauthorised access to services and user […]