Sql injection Attacks & Defense
SQL injection is through the SQL command into the Web form submit or enter the domain name query string or page request, and ultimately to deceive the server to execute...
Web Exploitation / WebApp PenTest
by do son · Published December 11, 2016 · Last modified November 4, 2024
SQL injection is through the SQL command into the Web form submit or enter the domain name query string or page request, and ultimately to deceive the server to execute...
Web Information Gathering / Web Vulnerability Analysis
by do son · Published December 2, 2016 · Last modified November 4, 2024
Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of...
Metasploit / Web Exploitation / WebApp PenTest
by do son · Published November 28, 2016 · Last modified November 4, 2024
Introduction Apache Axis2™ is a Web Services / SOAP / WSDL engine, the successor to the widely used Apache Axis SOAP stack. There are two implementations of the Apache Axis2...
Vulnerability Impact Arbitrary code execution with the following two conditions: An attacker can upload your own configuration language file, or the file containing the language themes, plug-ins folder Website attacker...
Web Vulnerability Analysis / WebApp PenTest
by TheBlaCkCoDeR · Published October 20, 2016 · Last modified November 4, 2024
Cross-site request forgery [CSRF], also known as one-click attack or session riding or Sea-Surf and abbreviated as CSRF or XSRF, is a type of malicious attack exploit of a website...