Is assuring quality all about testing the happy flow of the application? What exactly is the service life of your application and how do you determine it?

The first thing that comes to mind when we think of testing is validating and verifying the software's functionality. But have you ever wondered whether there are test approaches that involve breaking the system or software application in order to test its quality and service life? This is what destructive testing is.

Let us consider this scenario: your team created an application which seems to be working fine. You tested the…

Would you choose to be bored while waiting, or connect to the available free wifi to surf the internet? If you are the latter, this article is definitely for you!

It’s very normal for us to connect to the available wifi while we travel. While traveling we often connect to public networks in airports, parks, or on public transport systems, along with other networks that may seem to have better security, in hotels or other businesses.

We also often use it to perform activities like checking the bank balance, transferring money, or working on something important. But, what…

Are login pages the only way to enter our sites?

We often think that the login page is the gateway to our site, so by adding the best security mechanism to it we can secure our website from attackers, right?

But we almost forget that, even when we lose the key that opens our house, we can still call someone to create a duplicate key or find other ways to enter our home. Isn’t it the same concept that could be applied when it comes to the web? I guess every web portal has a “Forgot Password” feature.


When you can trick the front and the back of your application causing it to behave unexpectedly.

A vulnerability that could allow malicious actors to leverage specific features of the HTTP/1.1 protocol in order to bypass security protections and obtain sensitive information from requests other than their own.

The HTTP request smuggling vulnerability was first discovered by Watchfire in their 2005 whitepaper entitled “HTTP Request Smuggling”. The work was later expanded by researcher Regis Leroy and further discussed by James Kettle from PortSwigger security during Black Hat USA 2019.

Some Important Terms

Before diving into what HTTP Request Smuggling is and how it…

If all the functions are working right, the application can be considered a quality product, right? Wrong!

Everything that exists in this universe, whether human or machine, has a certain capacity to handle load. Once it gets overloaded, it starts behaving in a weird way or, in the worst-case scenario, might stop working. The same is true of web applications.

Load testing is one of the important components of Performance Testing that simulates a real-world load on any app or API. …

With the enhancement in technology and security, modern browsers now provide something known as HTTP headers that can protect applications against some common attacks such as clickjacking, cross-site scripting, and many more. Let us explore some ways you can tighten the security belt of your website.

Understanding HTTP Security Headers

Not just flights but all your clicks could be hijacked too. The threat that’s hidden right in front of you!

The internet and technology have transformed not just our lives but those of cybercriminals as well. With the advancement of technology, cybercriminals keep developing new techniques to trick victims for their own benefit.

Clickjacking, made up of the two words “click” and “hijacking”, is a method similar to flight hijacking in which attackers trick the user into clicking content on a hidden website.

This was initially discovered by the amazing Robert Hansen and Jeremiah Grossman.

We often see in the…

We believe in the myth that only traditional password systems can be hacked. But, the fact is, even your face and fingerprints are hackable!

Your identity represents the entire you. It represents your presence in all your activities. So, if identity is something that only you carry in this world, can it be stolen? Can someone take your identity and be you? And if yes, how badly can it harm you?

People still have the misconception that biometric authentication such as Touch ID or Face ID can replace traditional passwords and that it could be used to protect valuable…

“JavaScript is good for the most popular language because of its flexibility, but it just happens to be so powerful that keeping it under control can be difficult.”

JavaScript, a language used by most companies to develop their applications, is considered one of the most powerful programming languages. But hold on! It is also the same language that could cause great harm to any organization working with it if proper precautions are not taken. It can also allow attackers to view or steal personal data without you even realizing what’s going on…

When security breaches make headlines, they tend to be about external attackers from another country or the failure of some technology. These are the most interesting topics to read about, and among the most common and the easiest for the hacked companies to admit. But is it always a person living in some other part of the world who is behind the biggest data breaches?

The answer is simple: it’s a NO! It does not matter what happened or who caused it. Directly or indirectly, it is often caused by the negligence of an insider.

So what’s an insider…

