Tag Archive: Ethical Hacking

Mar 24 2025

CVE-2018-1528 – IBM Maximo Asset Management could allow an authenticated user to obtain sensitive information from the WhoAmI API

Author: Shafeeque Olassery Kunnikkal | Category: CVE-2018-1528, Cyber Security, Penetration Testing | Leave a Comment

Reported this vulnerability while doing a penetration testing of IBM Maximo Asset Management software Summary IBM Maximo Asset Management could allow an authenticated user to obtain sensitive information from the WhoAmI API. This vulnerability affects the following versions of the IBM Maximo Asset Management core product, and all other IBM Maximo Industry Solution and IBM…..

Continue Reading
Nov 8 2012

Phases of Penetration Testing

Author: Shafeeque Olassery Kunnikkal | Category: Cyber Security, Information Security, Penetration Testing | Leave a Comment

We covered penetration testing, its types and benefits in our previous posts. In this post, we will deal with phases of penetration testing. As already explained, a penetration test should closely mimic the activities of an attacker. The test is carried out typically in three phases, namely: 1. Pre-attack Phase 2. Attack Phase 3. Post-attack…..

Continue Reading
Nov 7 2012

Types of penetration testing

Author: Shafeeque Olassery Kunnikkal | Category: Featured, Information Security, Penetration Testing | Leave a Comment

If we search in internet for types of penetration testing, we may mainly land up in getting two sources of classification as given below: The first source classifies penetration testing as “Internal” and “External” types and they talk about the variations of these types of testing based on the information available to the testing team…..

Continue Reading

Categories

Tags

zero-knowledge testing Education Cyber Security CVE-2018-1528 Email Fraud Social Engineering CVE-2018-5798 SDR Information Security Computer Forensics Degree Clickjacking Penetration Testing Black Box Penetration Testing Career Options Career complete-knowledge testing White Box Penetration Testing Cloudera Manager CubicSDR partial-knowledge testing Vulnerability Assessment Cyber Security Degree XSS Computer Forensics Cloudera Enterprise Phishing E-Books IBM Maximo Asset Management Ethical Hacking Grey Box Penetration Testing Reflected XSS

Archives