The ethical hacking project comprises three phases, summarized as follows:

1. Preparation: In this phase, a formal contract that contains a non-disclosure clause as well as a legal clause to protect the ethical hacker against any prosecution that he may face during the conduct phase is signed. The contract also outlines the infrastructure perimeter, evaluation activities, time schedules, and resources available to the ethical hacker.
2. Conduct: In this phase, the evaluation technical report is prepared based on testing potential vulnerabilities.
3. Conclusion: In this phase, the results of the evaluation is communicated to the organization and corrective action is taken if needed.

Explore More

What are the countermeasures against database attacks?

The following are the countermeasures against database attacks: * Input Sanitization: The Database Administrator must sanitize any input received from a user. The data submitted should be checked for data

Read More

Misconfigured security features or Incorrect use of security

Session cookie is not randomized enoughNumerous applications use a session cookie to maintain the state of a logged in user. The use of authentication to validate the user that has

Read More

Critical SQL Injection in People Magazine

PlanetCreator has reported another critical SQL Injection (vulnerability) on  People Magazine Online Website http://www.people.com.mm Powered by Inforithm-Maze. SQL injection is a code injection technique that exploits a security vulnerability occurring

Read More