Showing posts from 2017

Common HTTP Status Codes (RFC 2616)

Some of the common HTTP Status codes taken from RFC 2616 which can help penetration testers / cybersecurity analysts / IT Admins are below :

Transaction/ErrorStatusDescriptionSuccessful Transactions200OKSuccessful Transactions201CreatedSuccessful Transactions202AcceptedRedirected Transactions301Moved PermanentlyRedirected Transactions302Moved TemporarilyRedirected Transactions304Not ModifiedClient Side Errors400Bad RequestClient Side Errors401UnauthorisedClient Side Errors403ForbiddenClient Side Errors404Not FoundServer Side Errors500Internal Server ErrorServer Side Errors501Not ImplementedServer Side Errors502Bad GatewayServer Side Errors503Service Unavailable

Encoded Characters Map to Standard Characters

%3c = <    %20 = (a space character)    %22 = “    %3a = :    %27 = ‘    %2e = .    %2f = /    %3e = >    %5c = \

Cyber Security - In Reality

Recently I came to know about an incident which forced me to draft my thoughts here on my blog about Attack Surfaces and Attack Vectors. This will also talk about some preventive measures which are basics and should be taken care in the organisation. That said, we should also understand that if someone tells us that his tool/ or he can make our organisations security posture unbreakable and hack proof, please ignore them to start with. Our focus should always be to perform internal assessments and to apply best practices as much as possible to reduce the attack vectors and surfaces, and to have processes to deal with such security incidents. There will always be a new way which the hackers will work out to penetrate the network.
The IT space currently has been under pressure due to cyber attacks and viruses / malware being released leading to huge losses and creating a panic specially for the IT support teams as they were not ready for it. We all should accept that this is now a new …