SECOND ORDER SQL INJECTION ATTACK ...
Second Order SQL Injection: Second Order SQL Injections are those which are not widely discussed. Important to know that these cannot be detected by tools…
Read MoreOpen Redirect ...
What is Open Redirect? An open redirect is a security flaw in an application or a web page that causes URLs to fail to authenticate…
Read More
CRLF Injection ...
Before going into details on what and how to find and perform CRLF injection and what are the measure one should take from this to…
Read More
HTTP Parameter Pollution ...
The parameter enables pages to load data from the back-end e.g., ID, search query. They make websites more interactive to the back-end as well as…
Read More
Web Cache Poisoning – Through Host Header Inject ...
To understand the concept of web cache poisoning first we have to understand what web cache is and why it is being used. Then we…
Read More
Apache Struts-2 Exploited to Remote Code Execution ...
This blog is to describe my finding on a web-based application which is a very well-known vulnerability found on Apache Struts-2 RCE (Remote Code Execution)….
Read More
Vulnerabilities Related to SAML [Security Assertio ...
In this blog, we are going to discuss about what is the SAML(Security Assertion Markup Language) and how it works as well as we are…
Read More
Microsoft Zero Day – VCard Vulnerability ...
Introduction: A zero-day vulnerability has been discovered and reported in the Microsoft’s Windows operating system. Under a certain scenario it could allow a remote attacker…
Read More
Advisory | Microsoft Zero Day – Windows Task ...
Introduction A previously unknown zero-day vulnerability has been disclosed in the Microsoft’s Windows operating system that could help a local user or malicious program to…
Read More
What Makes Penetration Testing Impactful – P ...
As a penetration tester, we often come across this riddle – What Makes Penetration Testing Really Impactful. As per penetration testing methodology – we identify…
Read More