@sripati

A day in a pentester's life

May 29, 2022 · 2 min read · ChangeLog I published it first on Quora, as response to a question. re-published it, with little changes, on Purple-Team, a publication on Medium (image credit - Kevin Ku on Unspash) My 2 cents on a day in a pentester's life from the vantage poi...

Risks of a cybersecurity career

May 28, 2022 · 2 min read · (image credit - Photo by Sammie Chaffin on Unsplash) Cybersecurity is one of buzz-words promising the la-la land these days. Everyone is running towards it. However, it will help if one is aware of the 2 big risks. They are, Burn-out, and Not knowin...

Is programming knowledge required for web application penetration testing?

Apr 30, 2021 · 1 min read · Not required at first, but you will need it to move up the ladder (in proficiency). Here’s why:- For DAST (Dynamic Application Security Testing), aka looking for security weaknesses when the application is running, understanding how a web applicatio...

Do not kill your pentester for little or no value-add

Jan 12, 2020 · 7 min read · Disclaimer: This would be a long post (culmination of many old posts) with lot of different opinions, thoughts. If weaving is not right, please provide feedback on how it could be corrected. I had the good fortune of reading couple of threads by gent...

External Network VAPT: tools, information sources

Jan 2, 2020 · 5 min read · Photo by Sean Musil on Unsplash This is a live post; it will undergo changes, which are captured in change log, provided at the end of this post. Being part of many external VAPT engagements, one thing was clear from outset — methodology is the key, ...