Cyberis Blog

Reassuringly clear thinking.

  • Penetration testing
  • Tools and techniques

Finding Hidden Vhosts

During a recent test we observed a number of web servers that had a number vhosts configured, only some of which were discoverable from public DNS records. Internal DNS servers were configured to resolve the remaining ‘hidden’ vhosts served by the web server. Here's how we found them...

Read more
  • Penetration testing
  • Tools and techniques

Hacking An E-Commerce Site - For Fun Or Profit?

Having testing a number of e-commerce sites in recent times, I wanted to share some of the vulnerabilities encountered, and the reasons why someone would seek to exploit them. Recent high profile hacks in the media have rightly made retailers sit up and take notice of security - whilst PCI DSS attempts to mandate a certain level of assurance, the risk of losing substantial amounts of money and seriously damaging reputation focuses the attention on security more than any overarching standard.

Read more

Improve your security

Our experienced team will identify and address your most critical information security concerns.

Contact us About Cyberis