GhostWire: Playing With Kernel-Level Security as a Learning Project
Nov 15, 2025 · 6 min read · This whole project started with a simple idea: build something with FastAPI and containers, and see how far that rabbit hole goes.It ended with me inspecting HTTP packets in the Linux kernel and running a machine learning model on them, which was not...
Join discussionSQL Injection for Beginners – How Hackers Break into Websites
Aug 12, 2025 · 4 min read · If you’ve ever logged into a website, entered your username and password, and clicked “Submit,” there’s a lot happening behind the scenes.Your details travel from the website to a database — a place where all usernames, passwords, and other sensitive...
Join discussion
HackTheBox - SQL Injection Fundamentals - Skills Assessment Walkthrough
Jul 9, 2025 · 4 min read · Scenario The company Inlanefreight has contracted you to perform a web application assessment against one of their public-facing websites. In light of a recent breach of one of their main competitors, they are particularly concerned with SQL injectio...
Join discussion
Mapping LLM API attack surface
Oct 19, 2024 · 2 min read · Introduction Organizations are quickly integrating Large Language Models (LLMs) to enhance their online customer experience. However, this exposes them to web LLM attacks, which exploit the model's access to data, APIs, or user information that an at...
Join discussion
Lab: SQL injection attack, listing the database contents on non-Oracle databases
Apr 8, 2024 · 3 min read · In this educational guide, we will explore the practical application of Burp Suite to identify and exploit SQL injection vulnerabilities, highlighting the importance of robust security practices. Step 1: Intercepting and Modifying Requests with Burp ...
Join discussion
Lab: SQL injection UNION attack, retrieving data from other tables
Apr 1, 2024 · 2 min read · In this educational guide, we will walk through the process of using Burp Suite to intercept and modify requests, focusing on the product category filter. Our objective is to unveil potential SQL injection vulnerabilities, understand the database str...
Join discussion
CVE-2024-24813: Biến thể SQL Injection trong Frappe Framework
Mar 28, 2024 · 3 min read · CVE-2024-24813 được mình tìm ra trong một dịp khá thú vị. Nay bên vendor họ đã patch xong, mình viết bài blog này chia sẻ về cách mình tìm ra nó như thế nào. Sáng hôm đó, mình ngồi review lại code để chuẩn bị cho buổi training phân tích 1-day với mấy...
Join discussionLab: SQL injection UNION attack, determining the number of columns returned by the query
Mar 18, 2024 · 2 min read · SQL injection is a serious security risk for web applications, and Burp Suite can be used to identify and address these vulnerabilities. This guide shows how to use Burp Suite to intercept and modify requests, specifically focusing on the product cat...
Join discussion
Lab: SQL injection UNION attack, finding a column containing text
Mar 5, 2024 · 2 min read · In this lab, our goal is to determine the number of columns returned by the query, offering a valuable insight into potential SQL injection vulnerabilities. Step 1: Intercepting and Modifying Requests with Burp Suite Burp Suite, a versatile web appli...
Join discussion