this post was submitted on 10 Jul 2023

Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? This is the time and place to ask!

[–] [email protected] 1 points 2 years ago (4 children)

I am hosting multiple services, but my application/web security knowledge is lacking. Is there a guide or framework to check for common or risky mistakes? Is there a list of things I should check every application for, or guide on how to harden hosted applications? That is a topic that I am going to tackle in the near future, and would appreciate some tips in advance.

[–] [email protected] 1 points 2 years ago (1 children)

There's a browser extension you can use by OWASP, I think it's "Penetration Tool Kit" or PTK.

I stopped using it because it was slow (being a browser extension and all) but I do like how easy it was to use while needing to be logged in or get past captchas

OWASP ZAP is good for reconnaissance scanning.

I really like Burp Suite for reverse engineering a web app. You can use the proxy to intercept HTTP packets and see what every change elicits.

[–] [email protected] 2 points 2 years ago