A hacker, security enthusiast, blogger, trainer and speaker. I love to hack applications and have spoken at conferences about my experiences and research. I have a great interest in penetration testing and support the open source community.
Being a technology-focused company, TO THE NEW has always made its presence felt at major conferences around the world. This time, it was X0RC0NF in Cochin, India. I was invited to present my talk there and attend the conference as a speaker. The topic of my talk was "Anatomizing online payment systems: hack to shop", mainly focusing on...
As a continuation of my last blog about possible attacks on password reset functionality, this part of the same series will look into the two implementations below:
• Email sent with a temporary password or current password
• Secret questions asked and then given the option to reset the password
I will mention possible issues which...
For every developer, implementing a password reset feature is a very interesting part. This is where he develops the logic and then implements it in the code. There is no well-defined industry standard on how to implement a secure password reset functionality in your application. So, the result is that every application has a different way...