Buffer overflow attack
On the previous post, I introduced to you the concept of buffer overflow. On this post, I am going to guide you how to find and exploit buffer overflow vulnerability. Stack overflows are usually...
Tagged: vuln
WMAP: Web Vulnerability Scan on Metasploit
Introduce The Metasploit Project is a computer security project that provides information about security vulnerabilities and aids in penetration testing and IDS signature development. Its best-known sub-project is the open source[2] Metasploit Framework, a...
Some technique to bypass waf for uploading Shell on webserver
File upload vulnerability is when the user uploads an executable script file, and through the script file to obtain the ability to execute server-side commands. This attack is the most direct and effective, and...
Finding and exploiting Cross-site request forgery (CSRF)
Introduce Cross-site request forgery [CSRF], also known as a one-click attack or session riding or Sea-Surf and abbreviated as CSRF or XSRF, is a type of malicious attack exploit of a website (“Web Application”);...
Nikto v2.5 releases – WebAPP Penetration Testing Tool
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and...
