Santhosh Tuppad’s testing and security blog
10 Myths of Security Testing
TOP 5 QUICK WAYS TO START SECURITY TESTING
START THINKING LIKE A CRIMINAL: You heard it right! Thinking like a criminal is one of the important ingredients for security testing aspirants or enthusiasts who want to reach the next level of hacking. I quote this always in my talk – To become a better hacker, think like a criminal while you have self-control to not commit […]
TOP 10 SECURITY BUGS FOUND BY SANTHOSH TUPPAD
At least in my opinion, security is not taken seriously by most of the product owners. I feel glad when some customers want their application to be tested for security quality criteria and I respect such product owners because they respect their product and care about their end-user privacy. To showcase some of the security […]
Testing Toolkit for Desktop Applications in Windows
Testing Windows Desktop applications requires a different mindset and skill set. I thought of letting the world know about the software that I use in my testing of Windows Desktop Applications. Most or all of it is freeware / open-source. Thanks to the OSI community and the freeware community. I can go on and on. Please […]
How to test password feature in web application?
Password enforcing rules: Not all users know about threats in the security space. It is important for companies to enforce password rules so that users’ accounts are not compromised by attacks such as brute-force, dictionary-based attacks. Providing a rule like at least 1 capital letter, 1 lower case letter, 1 special character and totally […]
How organizational culture helps in success or failure?
There are many non-technical aspects that make a team successful in a project. I am able to tell this because I have faced these in my professional life. For a quick introduction, look at what Wikipedia says about Organizational Culture. Following some tips would surely make your professional life better. Gossiping can be wrong if […]
My First Step Towards Mobile Security Testing
The title doesn’t mean that I have conquered web security testing totally. And it wouldn’t make sense to me if I said I would conquer web security totally before I die. It is such a vast area of study and keeps on going and going just like we do not know where […]
I LOVE YOU AMMA (MOTHER), YOU ROCK. HAPPY MOTHERS DAY!
The beautiful lady in the picture is my mom, who has been taking care of me since I was a baby. She never got tired of me with my stupidity, irritating moments, fights & a lot more. She has great energy even today to support me in living my life happily. I have learned many things from […]
Why Security Testing Sucks?
MANAGEMENT DOESN’T UNDERSTAND THE VALUE MOST OF THE TIME: We have known this for a long time and it is hard to figure out the reasons behind, “Why management doesn’t agree to this or why management doesn’t understand this”. It could be a business reason finally; however, not at the cost of sensitive data leakage of […]
DIY: SMART TIPS TO TEST!
Tip #1 – Test Data: Creating a file of an exact size using the DOS command utility. Let us say you want to test the file upload feature in a web application and the maximum file upload size is 3 MB. Now, you search your local computer to see whether you have a 3 MB file and finally you see that you […]