Understanding PCI DSS and PA DSS is crucial to the role of a penetration tester. Quoting the relevant PCI-DSS or PA-DSS control reference for your findings would help demonstrate the proper risk arising from common security findings such as support of older SSL versions, weak encryption when storing cardholder data, lack of proper logs from […]
Scope: This article demonstrates logging techniques in MySQL to uncover and analyze any mischief attempts done by (outside or inside) user focusing on specific areas in database. Getting Started: Following are the types of logs available in MySQL[1]. Log Type Information Written to Log Error log Problems encountered starting, running, or stopping mysqld General query […]
Overview I had to do the risk analysis of the Android 2.2 – Froyo based appliance and check for any security flaws exist in it before the XYZ Ltd. (just the example) company could launch that product in the market. Background How I get connected to appliance At start of my task I first assign […]
