Defining the Secure Software Development Lifecycle (SSDLC)

June 30, 2020 | Blog

Here at Abricto Security, we believe that application penetration tests only reveal the tip of the iceberg. Specifically, if we conduct an application penetration test and find that the application is riddled with vulnerabilities, the remediation ...

SQLmap Cheatsheet and Examples

April 2, 2020 | Blog

Target the http://target.server.com URL using the "-u" flag:
sqlmap -u 'http://target.server.com'
Specify POST requests using the "--data" flag:
sqlmap -u 'http://target.server.com' --data='param1=blah&param2=blah'
Target a vulnerable parameter in an authenticated session by specifying cookies using the "--cookie" ...

Extracting Private Keys From Public Keys Generated With Weak Random Number Generators

March 19, 2020 | Blog

Public key encryption is heavily utilized in modern implementations of SSH. By leveraging public key cryptography, administrators can generate both a public key and a private key to encrypt and decrypt data in transit. Using ...
