CheckMyCerts: Your Certificate Checker
I wrote this because I got tired of looking up certificates in different ways, and also to run it against bulk hosts/ports. Export your Nessus components, feed them to this bad boy, and there you have a nice, nifty terminal output in tabular format (also exportable to CSV).
CheckMyHeaders: Your Go-To Tool for HTTP Security Header Checks
I'm excited to introduce CheckMyHeaders (CMH), a Python-based command-line tool that provides a quick and easy way to analyze your website's HTTP security headers. It’s a practical solution for developers, security researchers, and IT professionals who want to ensure their web applications are armored against common vulnerabilities via secure response headers.
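As an added illustration of the kind of check a header review performs (this is example code written for this page, not the CheckMyHeaders source), the script below takes an already-captured set of response headers, reports which recommended security headers are missing, and flags weak values for the ones that are present. The header names and thresholds are the reviewer's assumptions, and the two sample responses are constructed, not captured from any real site.

```python
"""Minimal HTTP security-header review over an already-captured response.

Added example, not the CheckMyHeaders code: it takes a dict of response
headers (e.g. what requests.get(url).headers would give you) and reports
which recommended headers are missing or weakly configured.
"""
import re

# Headers a hardening review normally expects on an HTML response
# (assumed baseline for this example).
REQUIRED = (
    "Strict-Transport-Security",
    "Content-Security-Policy",
    "X-Content-Type-Options",
    "X-Frame-Options",
    "Referrer-Policy",
)

# One year in seconds: the usual minimum recommended HSTS max-age.
ONE_YEAR = 31536000


def _lower(headers):
    """HTTP header names are case-insensitive, so normalise before lookup."""
    return {k.lower(): v for k, v in headers.items()}


def check_headers(headers):
    """Return a list of (header, finding) tuples; an empty list means all checks passed."""
    h = _lower(headers)
    findings = []

    # 1. Presence checks.
    for name in REQUIRED:
        if name.lower() not in h:
            findings.append((name, "missing"))

    # 2. Value checks for headers that are present but weak.
    hsts = h.get("strict-transport-security")
    if hsts:
        m = re.search(r"max-age=(\d+)", hsts)
        if not m or int(m.group(1)) < ONE_YEAR:
            findings.append(("Strict-Transport-Security", "max-age below one year"))

    csp = h.get("content-security-policy")
    if csp and re.search(r"'unsafe-inline'|'unsafe-eval'", csp):
        findings.append(("Content-Security-Policy", "allows unsafe-inline/unsafe-eval"))

    xcto = h.get("x-content-type-options")
    if xcto and xcto.strip().lower() != "nosniff":
        findings.append(("X-Content-Type-Options", "value is not nosniff"))

    xfo = h.get("x-frame-options")
    if xfo and xfo.strip().upper() not in ("DENY", "SAMEORIGIN"):
        findings.append(("X-Frame-Options", "value is neither DENY nor SAMEORIGIN"))

    return findings


# Constructed sample responses (not captured from any real site).
WEAK = {
    "Content-Type": "text/html",
    "Strict-Transport-Security": "max-age=300",
    "Content-Security-Policy": "default-src 'self' 'unsafe-inline'",
    "X-Frame-Options": "ALLOWALL",
}
HARDENED = {
    "Content-Type": "text/html",
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload",
    "Content-Security-Policy": "default-src 'self'; object-src 'none'; frame-ancestors 'none'",
    "X-Content-Type-Options": "nosniff",
    "X-Frame-Options": "DENY",
    "Referrer-Policy": "strict-origin-when-cross-origin",
}

if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK), ("hardened", HARDENED)):
        print(f"[{label}]")
        for name, finding in check_headers(hdrs) or [("-", "all checks passed")]:
            print(f"  {name:<28} {finding}")
```

Running it prints five findings for the weak response (two missing headers, a short HSTS lifetime, an unsafe CSP and an invalid X-Frame-Options value) and a clean result for the hardened one. Plugging in live headers is a one-liner with `requests`, but the check itself is deliberately kept offline so the logic can be tested on its own.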
Introduction to Git for Security
Using Git from the command line is a powerful way to improve your software development workflow. Here's a comprehensive guide to help you master its core functions.
Nginx Security Configuration Review
Among the many web servers available, Nginx stands out for its high performance and powerful configuration options. However, its flexible configuration language makes misconfigurations easy to introduce, and those misconfigurations can become security loopholes. This is where tools like Semgrep and Gixy come into the picture to review your Nginx configuration for known weaknesses.
Creating your First Secure CI/CD Pipeline with GitHub Actions
In the world of DevOps, security is paramount. In this post, I'll guide you through setting up your first CI/CD pipeline on GitHub with robust security analysis stages using some of the best open-source tools available.
Intercepting Non-Proxy Aware Mobile Applications
Non-proxy-aware mobile applications are one of the challenges pen testers occasionally face while testing mobile apps. This guide walks through how to get their traffic into your intercepting proxy anyway.
Fishing for a reverse shell
Recently I came across a scenario where I had to set up a publicly exposed cloud instance that could act as a listener for a reverse shell. So I did!
Commonly asked Application Security interview questions - Part 2
This post contains a collated list of commonly asked technical questions on interviews for Application Security roles that can aid in preparation.
Commonly asked Application Security interview questions - Part 1
This post contains a collated list of commonly asked technical questions on interviews for Application Security roles that can aid in preparation.
Certified Red Team Professional - Review
This post is a review of the Certified Red Team Professional course and exam that is offered by the Pentester Academy.
Missing in Action
For the past few months, I hit the snooze button on blogging and set it aside as life got in the way. This blog post explains why I have been "missing in action" and what I have been up to.
What makes a strong password?
Is your password strong enough? In this post, we will debunk myths about password strength and cover the actual best practices for choosing strong passwords.
Hello World
An introductory post about who I am, what I do and why I've created this platform.