Category
Sort By
In the dynamic landscape of digital experience management, security and user convenience are paramount. Adobe Experience Manager (AEM) stands out as a leading solution, empowering organizations to create, manage, and deliver engaging digital experiences. However, with the increasing importance of security, integrating robust...
Software development, Technology
Social authentication is a powerful feature that allows users to log in to your Django web application using their social media accounts like Facebook, Google, Twitter, and more. It simplifies users' registration and login process while providing additional user data for your application. Basic Setup: Step 1: Installation – First,...
Single sign-on (SSO) is an authentication method that enables users to securely authenticate with multiple applications and websites using just one set of credentials. SSO is an authentication scheme that allows a user to log in with a single ID to any of several related, yet independent software systems. True single sign-on allows users...
This would be my first blog where I am using Python. I am excited to share what I did using Python. I wanted to update google sheet using bash shell scripting but did not found anything I can play around using bash. Later, I opted for Python as it provides "gspread" library which could be used to work on google sheet. ...
Application Security, Technology
To make authenticated REST API calls in applications, several authentication schemes are used by developers. Some of them use HTTP Basic Authentication scheme, and others, as per their needs(or wants), use custom authentication schemes. Now, it's good to experiment but not at the cost of security. In this blog, we will look into the...
Before we get started, on how to handle authentication window in Selenium WebDriver. Let’s discuss what authentication window is & why it is used in applications? What is Authentication Window? Authentication is a process which is required to access some applications in which HTTP authentication is used for security purpose....
Application Security, Technology
We have seen a lot of applications where some sub-domains or sub-directories are publicly exposed (intently or by mistake). So, with experience from our past pentests we have made a habit of testing for vulnerable or accessible sub-domains. During one of such testing, I was manually testing the URLs of different sub-domains of the...
Recently, I worked on a task wherein the users had to be authenticated based on existing Google credentials to get access of AWS Management Console. It took more time than expected to make it work as the documentation provided by Google is not complete. Let’s start by setting this up step by step. Scenario: Provide access of AWS...
I was recently searching for something on Google and came across this instance of what might be a logical vulnerability prevailing across multiple web applications. I was searching for publicly accessible Jenkins console through Google Dorking. My search query listed some of the websites that had Jenkins as a part of their domain...
Application Security, Technology
Hackers and cyber criminals identify E-commerce sites as a source of information, such as credit cards and other PII (Personally identifiable information). To protect customers, it's necessary to know how to protect the application and the sensitive customer data it has. All this involves user's trust and assurance on the brand and...
We were trying to implement SSL-based login and registration (i.e. HTTPS) in an e-commerce web application which was otherwise using the non-secure protocol (i.e. HTTP) for the entire website. Instead of moving the entire web application to SSL, which would have increased response times, we thought it would be best if only the...