Open in app

Sign in

Write

Sign in

SAST TryHackMe

Avataris12
5 min readSep 15, 2023

TryHackMe | Cyber Security Training

TryHackMe is a free online platform for learning cyber security, using hands-on exercises and labs, all through your…

tryhackme.com

Only subscribers

Join Medium with my referral link — Avataris12

As a Medium member, a portion of your membership fee goes to writers you read, and you get full access to every story…

medium.com

Code Review

Are automated code reviews a substitute for manual reviewing? (yea/nay)

nay

What type of code review will run faster? (Manual/Automated)

Automated

What type of code review will be more thorough? (Manual/Automated)

Manual

Manual Code Review

Searching for Insecure Functions

Here we get three uses for db_query() on hidden-panel.php. Once again, we can analyse the context of each call, starting with the call on line 7:

$sql = "SELECT id, firstname, lastname FROM MyGuests WHERE id=".$_GET['guest_id'];
$result = db_query($conn, $sql);

--

--

Avataris12

Written by Avataris12

590 Followers

Cybersecurity enthusiast, Airdrop Hunter

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams