Fluid Attacks logo
Login
Contact Us
Young hacker smiling
Zero false positives

Expert intelligence + effective automation

Contact logo Contact Us
GET A DEMO
Data has a better idea sign

Will machines replace us?

Automatic detection vs. manual detection

More than 20 years have passed since Garry Kasparov, the chess world champion, was defeated by Deep Blue, the supercomputer designed by IBM. For many people, that event was proof that machines had...



Monkey staring

The infinite monkey fuzzer

Fuzz testing using American Fuzzy Lop

In our last entry, we argued that fuzzing is both “dumb” and surprising. In this article, we’ll continue exploring the possibilities of fuzzing. This time though, we’ll focus on desktop...



Fuzzy caterpillar

Fuzzy bugs online

Fuzz techniques for attacking web applications

In general, fuzzing means to try many inputs, well-formed or otherwise, in an application, protocol or other interaction with a computer, that it might trigger an unexpected behavior. Web fuzzing...



Cucumber slices

Is your app in a pickle?

Documenting vulnerabilities with gherkin

Gherkin is a simple language that can be used for software documentation and testing. It can be thought of as a tool for communication between stakeholders and developers which helps minimize...



Person working on the computer while looking at cellphone

Delimiting an Ethical Hacking

How to define the scope of your objectives

The main problem encountered by an organization when they need to perform an Ethical Hacking is to establish the boundaries of the hacking. Delimiting the scope of an Ethical Hacking by time is a...



Blank CSV document icon

Is that CSV Secure?

Defining CSV injection vulnerabilities

Comma-Separated Values file (or CSV) is a type of file that stores tabular data, numbers and text in plain text. Each line of the file is a data record and each record consists of one or more...



Hands typing in a text editor

The importance of pentesting

Protect your company against Hackers, not Lamers

Without a doubt, the recent events in relation to the infringement of privacy, such as the theft of personal information from celebrities, the Sony, Target and Equifax hacks, and the big...



Text editor with code highlighting

Another proud son of JSON

Using JSON Web Token to send data

Today everything is connected, and thus, everything is communicated. Security has become a major issue in the complex world of web applications and their communications. Figure 1. JSON Web Token...



Person using a magnifying glass in keyboard

Symbolic execution for mortals

What is it and how it works

In 2003 the Defense Advanced Research Projects Agency, DARPA, announced the Cyber Grand Challenge, a two-year competition seeking to create automatic systems for vulnerability detection,...



Chess piece different from the others

Conserving your identity

Using WS-Security to secure your web apps

In the digital era everything is or has a web application. Web apps are no longer just about content delivery, they have evolved to solve complex business needs and have become a mechanism for...



Multiple icon accounts

Multiple credentials begone!

Security issues and solutions of SSO services

The evolution of information technology brings with it many challenges, one of the biggest ones being Identity and Access Management. To take care of the growing vulnerabilities and attacks in...



several balloons floating in the air

Healthcare in the clouds

Cloud based systems in healthcare and their issues

The healthcare nowadays is in the clouds, and not just the prices. With the fast pace in which technology advances and the many different solutions that are offered to all types of users,...




Service status - Terms of Use