From 0 to pentesting hero
Why you shouldn't pass variables to the assert function in PHP.
6 MIN READ
From 0 to pentesting hero
How can you convince a user to delete their account on a website without their consent?
3 MIN READ
From 0 to pentesting hero
We are used to websites containing links to other web services. But can automatic redirection to an external domain be harmful?
3 MIN READ
From 0 to pentesting hero
Can you expand the potential attack vector for a larger number of applications?
3 MIN READ
From 0 to pentesting hero
It may be found on every website that allows exporting data to CSV format. But how can a text format be used for an attack?
2 MIN READ
From 0 to pentesting hero
Retrieving parameters from the user and later displaying them on the website always carries the risk of an XSS attack. But can you perform such an attack without using an HTML tag?
3 MIN READ
From 0 to pentesting hero
File upload functionality is a key place that deserves special attention. If the attacker successfully sends and executes a malicious file, the whole server may be taken over.
3 MIN READ
From 0 to pentesting hero
Executing system commands at the programming language level sounds like asking for trouble. But how do you do it correctly and safely?
2 MIN READ