Due to the widespread usage of APIs, and the fact that attackers realize APIs are a new attack frontier, the OWASP API Security Top 10 Project was launched. This project was designed to help organizations, developers, and application security teams become aware of the risks associated with APIs. …

Bug bounty A bug bounty program offers rewards for participants who find bugs in software, website, or product of an organization or an individual. These participants are usually referred to as bug bounty hunters. Bug bounty programs are posted online for ethical hackers to find vulnerabilities in their system and…

Traditionally speaking ‘CTF’ is a term used for an outdoor game where the goal is to capture the other team’s flag. Similarly, this term is used for conducting competitions all around the world for ethical hackers to brush up their skills. Often it is used by companies and other organizations…

What is an API API is an acronym for Application Programming Interface. An API acts as middleman who delivers your request to the provider and then delivers the response to the requester. You can think of it as a code that allows two software programs to communicate with each other…

Analysis of the Cerberus source code leak Intro A few weeks ago, VX-Underground which hosts the largest collection of malware source code, samples, and papers on the web received the Cerberus Android Banking Trojan by some user which was later released on their website (https://vxug.fakedoma.in/code/leaks/CerberusLeak.zip). …

A deep-dive analysis Introduction On July 21, 2020, Malwarebytes announced the return of the emotet trojan after almost 5 months. The malware was spotted in a spam campaign targeting hundreds of thousands of Microsoft Office users. The trojan which was first spotted in 2014 is still targeting users worldwide primarily through spam emails. These…