Abishek Kafle · devops.abisec.xyz · Oct 22, 2024 · SQL Injection · I Introduction Definition of SQL Injection Overview of "make blogs" platforms Importance of understanding SQL Injection in blogging platforms Understanding SQL Injection Explanation of SQL Injection Types of SQL Injection Attacks In-band SQLi ... · SQL
Abishek Kafle · devops.abisec.xyz · Oct 18, 2024 · SSTI Code Review Lab 2 · Lab Setup Create a folder for the challenge. mkdir ssti_ctf2_challenge cd ssti_ctf2_challenge Set up the environment python3 -m venv venv source venv/bin/activate pip install Flask Create app.py from flask import Flask, request, rend... · Code Review, Web Development
1l.rocks · 1l.rocks · Oct 18, 2024 · Getting started or finishing the OSCP (PEN-200) course · Introduction First of all, I’d like to share that I have submitted my exam and the report. From now on, it's just waiting for the results and praying that the results are good. The paranoia is getting there. NOTE: I did receive the certificate :) The... · pen200
Kuldeep Yadav for BreachForce · breachforce.net · Oct 17, 2024 · Secure Your Node.js Applications: Top 10 Critical Vulnerabilities to Identify and Prevent Major Threats · Have you ever had one of those moments when you feel confident about the code you’ve written — until a VAPT (Vulnerability Assessment and Penetration Testing) team reviews it? Suddenly you’re faced with a sea of red flags and dire warnings. Words lik... · 84 reads · Node.js
FIKARA BILAL · blog.fikara.io · Oct 9, 2024 · Master Recon: Tools and Techniques for Reconnaissance · In this article, we will explore various tools for collecting information on specific targets during the reconnaissance phase. We will start with Linked Discovery tools, a method that makes it possible to explore ... · 80 reads · gospider
walker · w4lk3r-blog.hashnode.dev · Oct 3, 2024 · Red Team Diaries: #1 · Intro Ever wondered how adversaries move from zero domain access to domain admin? As a Penetration Tester / Red Team Operator, I’ve been doing exactly that for the past 3 years, starting from basic recon and escalating all the way to domain/enterpr... · 2 likes · 77 reads · Red Team Diaries, #assumebreach
Manish Shivanandhan for freeCodeCamp · freecodecamp.org · Oct 2, 2024 · The Power of Wordlists: Why Every Ethical Hacker Needs One · Wordlists are a core component of brute-force attacks. Let's learn what they are and how to use them. Imagine that you’re a security professional who’s performing a penetration test on a client’s website. Your job is to find potential weak points in ... · Security
b1d0ws · b1d0ws.hashnode.dev · Oct 1, 2024 · OSWE: A Detailed Review · Introduction Hello! In this article, I'm going to share my journey towards OSWE certification, in the hope that it can help you in some way. As I'm going to be long-winded, if you prefer a quick answer, I recommend using the table of contents to go d... · 132 reads · Posts, #cybersecurity
frogtheripper for Write Ups Maquinas · frogtheripper.hashnode.dev · Sep 30, 2024 · Vulnvault Machine · Machine Name: Vulnvault Operating System: Linux Difficulty: Easy Platform: DockerLabs IP Address: 172.17.0.2 Port Scanning We start by scanning the available ports on the machine: sudo nmap -sS -p- --open -T5 -n -Pn -v 172... · 27 reads · hacking tools
FIKARA BILAL · blog.fikara.io · Sep 29, 2024 · Reconnaissance During a Pentest · Reconnaissance (Recon) is a stage of penetration testing that consists of collecting as much information as possible about a system, in order to exploit potential vulnerabilities. In this article, we will show some tools and methods used for ... · 128 reads · asnmap