VAPT - Vulnerability Assessment and Penetration Testing


VAPT

Vulnerability Assessment and Penetration Testing: identify the doorways of threats by stressing the weaknesses.

Vulnerability

Vulnerabilities are the doorways through which threats are revealed. They are weaknesses in a system. They can be identified by software rather than manually.

Penetration

Penetration is the process of trying to gain unauthorized access to authorized resources by stressing the weaknesses. Penetration testing is also known as ethical hacking: “breaking into your own system to see how hard it is to do.” It is a main branch of network security evaluation, which aims to provide analysis that discovers the vulnerabilities and security threats in systems and networks.

Tools

  1. Arachni
  2. ZAP
  3. Samurai
