Abhinandan Khurana · blog.s3curity.ninja · Jul 21, 2024
Trusted Platform Computing 🚀
Hello, Tech enthusiasts! Welcome to this blog series where we delve into the fascinating world of Trusted Platform Modules (TPMs). In this series, we will explore what TPMs are, their history, how they work, and their practical applications in enhanc...
Tags: Trusted Platform Computing 🚀, trusted-platform-computing

Cyber Sekler · cybersekler.com · Jul 13, 2024
Git Gone Wrong: Application Compromise via Exposed .git Directory
Every penetration test begins with reconnaissance, and my initial steps always involve looking for potentially interesting endpoints. During one engagement, I encountered an exposed .git endpoint and I will discuss how I exploited it to gain admin-le...
Tags: penetration testing

Vishad Patel · vishad.hashnode.dev · Jun 29, 2024
Everything You Need to Know About Rate Limiting
In our interconnected world, websites and applications are accessed by countless users and systems at the same time. This heavy traffic can strain resources, causing slower service or, in extreme cases, complete service failure. Rate limiting is a cr...
Tags: ratelimit

Dhananjay kulkarni · dhananjaykulkarni.hashnode.dev · Jun 29, 2024
How to Prevent SQL Injection Vulnerabilities
Now that you know what a SQL injection vulnerability is, how to find it, and how to exploit it, the next essential skill is learning how to prevent SQL injection vulnerabilities. This knowledge is crucial, especially when writing pentesting reports a...
Tags: SQL Injection, #sqlinjection

Dhananjay kulkarni · dhananjaykulkarni.hashnode.dev · Jun 28, 2024
Exploiting SQL Injection Vulnerabilities
Introduction In the past sections, we discussed the different types of SQL injection vulnerabilities and how to test an application to see if it's vulnerable to SQL injection. If you missed it, you can check it out here In this section, we'll dive in...
Tags: SQL Injection

Dhananjay kulkarni · dhananjaykulkarni.hashnode.dev · Jun 26, 2024
SQL Injection Attacks: Types and Effects
Introduction Welcome to Part 2 of our guide on SQL Injection. In Part 1, titled "Understanding SQL Injection: A Beginner's Guide", we covered the basics of SQL Injection, how it works, examples of attacks, and best practices for prevention. If you ...
Tags: SQL Injection, typesofsqlin

Dhananjay kulkarni · dhananjaykulkarni.hashnode.dev · Jun 25, 2024
Understanding SQL Injection: A Beginner's Guide
What is SQL Injection? SQL Injection is a type of attack where an attacker can manipulate the SQL query sent to the database by adding SQL code into an input field of an application. This manipulation can allow the attacker to interact with and chang...
Tags: SQL Injection, #cybersecurity

Tudor Purcarelu · cyberhashira.com · Jun 14, 2024
Practical Junior Web Tester - PJWT
I want to share the approach I took to study for and pass the PJWT certification. What is PJWT? The PJWT, or Practical Junior Web Tester certification from TCM Security, tests your ability to evaluate a web application using the OWASP TOP 10 methodol...
Tags: PJWT

Sergio Medeiros · grumpz.net · Jun 12, 2024
CVE-2024-37629: Simple XSS Payload Exploits 0day Vulnerability in 10,000 Web Apps
Late one night, after working on a couple of bug bounty platforms, I decided to revisit a CVE I found last month. I realized that the web application had implemented the Summernote WYSIWYG Editor, which was the root cause of the stored XSS vulnerabil...
Tags: bugbounty

Opara David · zalparus.hashnode.dev · Jun 8, 2024
Perform Proper Reconnaissance
Reconnaissance refers to the preliminary phase of a cyber attack where the attacker gathers information about a target system, network, or organization. This phase is crucial as it helps the attacker understand the landscape they are about to infiltr...
Tags: #cybersecurity