8

My mate just pen-testing on running production server using admin credential.
Guess what happen!
And no backup!

What a day!

Comments
  • 2
    Pen-test was successful I see?
  • 0
    @netikras he is using tinfoilsecurity.com, at the end, result is showing our website still have cross site scripting (which is my fault) and very easy to fix.

    But the problem is that the test is just go accessing all available link and submit and event delete some of resources.

    This is my first time either to be pen tested,
    I shoulder back up first before do that again.
Add Comment