Search ingoogle by name
MRITYUNJAYA HIKKALGUTTI
will get all the details
click here , among 300 CEOs i am No-32
https://www.dr-hempel-network.com/digital_health_contact_lists/300-ceos-of-innovative-digital-health-startups-in-india/
Good Stuff Happens in 1:1 Meetings: Why you need them and how to do them well
Cyber Crime / Security Testing COE - Abstract / White Paper
1. 1
Cyber Crime / Security Testing
COE - Abstract
By
Author : Mrityunjaya Hikkalgutti
Date : 22 July 2020
2. Problem Statement : Common IT Applications security vulnerabilities
• Missing data encryption
OS command injection
SQL injection
Buffer overflow
Missing authentication for critical functions
Missing authorization
Unrestricted upload of dangerous file types
Reliance on untrusted inputs in a security
decision
Malware
Backdoors,
Formjacking,
Cross-site scripting and forgery
Download of codes without integrity
checks
Use of broken algorithms
URL redirection to untrusted sites
Path traversal
Bugs
Weak passwords
Software that is already infected with virus
DDoS (distributed denial-of-service)
attack
DNS (Domain Name System)
3. Solution : Cyber Security
Required @
Critical infrastructure cyber security.
Network security. ...
Cloud security. ...
IoT (Internet of Things) security. ...
Application security.
Application Server Security
Web server Security
Middleware Security
Database Security
Database server Security
Problem Statement : Cybercrimes
Email and internet fraud.
Identity fraud (where personal
information is stolen and used).
Theft of financial or card payment data.
Theft and sale of corporate data.
Cyberextortion (demanding money to
prevent a threatened attack).
Ransomware attacks (a type of
cyberextortion).
Crypojacking (where hackers mine
cryptocurrency using resources they do
not own).
Cyberespionage (where hackers access
government or company data).
4.
5. Security Testing Types
Scanning(Configuration Scanning)
Penetration Testing (Ethical Hacking)
Security Audit
Risk Assessment Security Posture
Assessment
Information Gathering
Port Scanning
Packet Analyzer/Sniffers
Vulnerability Scanners
Proxies
Exploitation
Password Cracker
Web Application Security Testing
API Security Testing
Test Internal Interfaces
Interactive Application Security Testing
(IAST)
Software Composition Analysis (SCA)
Security Testing Best Practices.
Shift Security Testing Left
Security Testing Best practices
7. Security Testing Tools
Information Gathering
Skipfish
NsLookup
Google Hacking Database Tool (GHDB)
What is my IP/IP Address Lookup
HTTrack Website Copier
Samspade
Wayback Machine
The Harvester
Metagoofil
Maltego
Robots.txt
Port Scanning
Angry IP Scanner
Pingsweep
Superscan
Advance Port Scanner
Netcat
Nmap
Traceroute
Packet Analyzer/Sniffers
Wireshark
Ettercap
Tcpdump
Kismet
NetworkMiner
Vulnerability Scanners
Nessus
ZAP
AJAX Spidering
Fuzzing
Websocket Testing
Acuentix
IBM AppScan
HP WebInspect
Fortify Static Code Analyzer
Burp Professional Scanner
Netsparker
Qualys Cloud Platform
w3af
Exploitation
Metasploit
SQL Map
Havij
SET (Social Engineer Toolkit)
BeEF
Password Crackers
Brutus
Ophcrack
John the Ripper
Cain and Abel
THC Hydra
Rainbow Crack
Truecrack
Air crack
Proxies
Paros
WebScarab
IE watch
Charles
8. Security Testing Tools
Information Gathering
Skipfish
NsLookup
Google Hacking Database Tool (GHDB)
What is my IP/IP Address Lookup
HTTrack Website Copier
Samspade
Wayback Machine
The Harvester
Metagoofil
Maltego
Robots.txt
Port Scanning
Angry IP Scanner
Pingsweep
Superscan
Advance Port Scanner
Netcat
Nmap
Traceroute
Packet Analyzer/Sniffers
Wireshark
Ettercap
Tcpdump
Kismet
NetworkMiner
Vulnerability Scanners
Nessus
ZAP
AJAX Spidering
Fuzzing
Websocket Testing
Acuentix
IBM AppScan
HP WebInspect
Fortify Static Code Analyzer
Burp Professional Scanner
Netsparker
Qualys Cloud Platform
w3af
Exploitation
Metasploit
SQL Map
Havij
SET (Social Engineer Toolkit)
BeEF
Password Crackers
Brutus
Ophcrack
John the Ripper
Cain and Abel
THC Hydra
Rainbow Crack
Truecrack
Air crack
Proxies
Paros
WebScarab
IE watch
Charles
9. DB Testing Tools
• Data Factory
• Mockup Data
• DTM Data Generator
• MS SQL Server
• SQL Test
• Oracle SQL Developer
• NoSQL Unit
• Se Lite
• SLOB
• Orion
DB Security Testing Techniques
• Penetration Testing
• Risk Assessment
• SQL Injection Validation
• Password Cracking
• Security Audit
10. Benefits of Using Database Testing Tool
• Tool is that it executes tasks faster and this saves time.
• We have both paid as well as opensource testing tools
• These tools can be classified into Load and Performance testing tools,
• Test Generator tools, and SQL-based tools.
• Vulnerability that exists within the database system and using some of these tools will
• Facilitate the detection of defects efficiently and effectively in early stage
• periodic testing is important that will ensure productivity in the system (DB Crashes).