Anatomy of the Session Management Tests
Note: This article has been created in light of the OWASP standards and descriptions.
Mar 19, 2021

The Anatomy of Deserialization Attacks
Serialization is the process of turning some object into a data format that can be restored later.
Jan 23, 2021

A Pentester’s Guide to Server Side Template Injection (SSTI)
Server-side template injection is a vulnerability where the attacker injects malicious input into a template to execute commands
Dec 25, 2020

A Pentester’s Guide to Command Injection
Command injection is an attack in which the goal is to execute arbitrary commands on the host operating system via a vulnerable…
Dec 11, 2020

How to Execute an XML External Entity Injection (XXE)
An XML External Entity vulnerability is a type of attack against an application that parses XML input.
Nov 27, 2020

A Pentester’s Guide to Cross-Site-Request-Forgery (CSRF)
Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re…
Nov 13, 2020