Busra Demir
Anatomy of the Session Management Tests
Note: This article has been created in light of the OWASP standards and descriptions.
Mar 19, 2021

Busra Demir
A Pentester’s Guide to WebSocket Pentesting
What is WebSocket Hijacking?
Feb 5, 2021

Busra Demir
The Anatomy of Deserialization Attacks
Serialization is the process of turning some object into a data format that can be restored later.
Jan 23, 2021

Busra Demir
A Pentester’s Guide to Server Side Template Injection (SSTI)
Server-side template injection is a vulnerability where the attacker injects malicious input into a template to execute commands
Dec 25, 2020

Busra Demir
A Pentester’s Guide to Command Injection
Command injection is an attack in which the goal is to execute arbitrary commands on the host operating system via a vulnerable…
Dec 11, 2020

Busra Demir
How to Execute an XML External Entity Injection (XXE)
An XML External Entity vulnerability is a type of attack against an application that parses XML input.
Nov 27, 2020

Busra Demir
A Pentester’s Guide to Cross-Site-Request-Forgery (CSRF)
Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re…
Nov 13, 2020