Joel O. · joelodey.hashnode.dev · Aug 24, 2024
Lab: HTTP request smuggling, basic TE.CL vulnerability
Lab Scenario: Our mission is to explore and exploit a simulated web application's vulnerability to HTTP request smuggling. We'll use the TE.CL technique to manipulate the transfer encoding and content length, revealing potential security weaknesses. ...
1 like · PortSwigger HTTP request smuggling Labs · portswigger

Vansh Goel · vanshgoel27.hashnode.dev · Aug 23, 2024
Understanding Cybersecurity: A crucial Pillar of Digital Age
In today's interconnected world, cybersecurity is more than just a technical term it's a critical necessity. As our reliance on digital platform grows, so do the threats posed by cybercriminals. Whether it's protecting sensitive data, maintaining pri...
digitalsafety

Harshal Shah for Harshal_Shah' Blog · delvingwithharshal.hashnode.dev · Aug 21, 2024
Understanding Cross-Site Scripting (XSS) Attacks: What You Need to Know
Cross-Site Scripting (XSS) is one of the most common and dangerous security vulnerabilities affecting web applications today. Despite being well-known, XSS continues to be a significant threat, impacting websites and users across the globe. In this b...
Fortify and Defend: Navigating the Cybersecurity Landscape · websecurity

Nabeelask1dd1e.hashnode.dev · Aug 4, 2024
How to Perform Mobile Static Analysis with Scrounger
Howdy y’all, In this article, we will explore how to perform static security analysis of mobile applications using a Metasploit-like framework called Scrounger. Static Security Testing involves examining an application’s components without executing t...
mobile security

Abhinandan Khurana · blog.s3curity.ninja · Jul 21, 2024
Trusted Platform Computing 🚀
Hello, Tech enthusiasts! Welcome to this blog series where we delve into the fascinating world of Trusted Platform Modules (TPMs). In this series, we will explore what TPMs are, their history, how they work, and their practical applications in enhanc...
248 reads · Trusted Platform Computing 🚀 · trusted-platform-computing

Cyber Sekler · cybersekler.com · Jul 13, 2024
Git Gone Wrong: Application Compromise via Exposed .git Directory
Every penetration test begins with reconnaissance, and my initial steps always involve looking for potentially interesting endpoints. During one engagement, I encountered an exposed .git endpoint and I will discuss how I exploited it to gain admin-le...
50 reads · penetration testing

Juan Cruz Martinez for freeCodeCamp · freecodecamp.org · Jul 11, 2024
More Secure Authentication: From Passwords to Passkeys
In the ever-evolving world of cybersecurity, authentication remains a cornerstone. Traditional methods, like passwords and social logins, are increasingly vulnerable to attacks. Enter passkeys—a revolutionary approach promising enhanced security and ...
Application Security

Vishad Patel · vishad.hashnode.dev · Jun 29, 2024
Everything You Need to Know About Rate Limiting
In our interconnected world, websites and applications are accessed by countless users and systems at the same time. This heavy traffic can strain resources, causing slower service or, in extreme cases, complete service failure. Rate limiting is a cr...
29 reads · ratelimit

Dhananjay kulkarni · dhananjaykulkarni.hashnode.dev · Jun 29, 2024
How to Prevent SQL Injection Vulnerabilities
Now that you know what a SQL injection vulnerability is, how to find it, and how to exploit it, the next essential skill is learning how to prevent SQL injection vulnerabilities. This knowledge is crucial, especially when writing pentesting reports a...
1 like · SQL Injection · #sqlinjection

Dhananjay kulkarni · dhananjaykulkarni.hashnode.dev · Jun 28, 2024
Exploiting SQL Injection Vulnerabilities
Introduction In the past sections, we discussed the different types of SQL injection vulnerabilities and how to test an application to see if it's vulnerable to SQL injection. If you missed it, you can check it out here In this section, we'll dive in...
1 like · SQL Injection · SQL Injection