ntscx

How to Install SonarQube Using Docker

Introduction: SonarQube is an open-source platform for continuous inspection of code quality. It provides detailed reports on bugs, code smells, and security vulnerabilities in your codebase. In this guide, we’ll show you how to install SonarQube using Docker. Prerequisites. Step-by-Step Installation: This command will download the latest SonarQube Docker image and run it as a daemon…


OWASP Top 10 attack vectors, risks, and tools explained

What’s OWASP, briefly: OWASP stands for Open Web Application Security Project, a non-profit organization focused on web application security standards, tools, and methodologies. The OWASP Top 10, in turn, stands for the top 10 major and widespread security risks of web applications (whether backend or frontend). OWASP is a registered trademark of the OWASP Foundation…


5 stages of penetration testing explained

Active and passive reconnaissance. Passive reconnaissance: Passive reconnaissance doesn’t involve using actual pentesting utilities; rather, it is an analysis of what the organization looks like from within. A good start is to google as much information as you can about the target. You can search for job openings, financial reports, office photos. Especially useful information…
