Penetration Testing of a Web Application - Observations and Fixes

Penetration testing, also called pen testing, is the practice of testing a computer system, network or web application to find security vulnerabilities that an attacker could exploit. Web applications are mainly tested against the OWASP Top 10 (https://www.cloudflare.com/learning/security/threats/owasp-top-10/), the most common security vulnerabilities that attackers try to exploit. Most of the OWASP […]

Avoid OPTIONS call to improve the performance of your apps

When a cross-origin request is initiated by a client app, browsers make a preflight request before executing the actual request. Example: Assume that example.com makes an authenticated POST request to a server api.service.com. The browser makes an additional OPTIONS request to api.service.com before making the actual request. The POST request will be processed only […]

How to configure a CDN in AWS

Amazon CloudFront is a web service that speeds up the distribution of static and dynamic web content, such as HTML, CSS, JavaScript, and image files. This document will cover the steps to host an Angular website using AWS CloudFront. Permissions Needed 1. S3 Permission 2. CDN Permission 3. AWS Certificate Manager Permission Steps to configure […]