Cross-Site Request Forgery (CSRF or XSRF), also called Client-Side Request Forgery, is a type of attack that targets web applications. […]

Regular expressions are present in almost all programming languages (Python, PHP, Javascript…), as well as in Linux commands (grep, sed…) […]

This article presents a great introduction for anyone trying to learn about Cross-Site Scripting (or XSS). You don’t need to […]

THC Hydra is a powerful tool to use against login forms. It can perform brute force and dictionary attacks against […]

Once you’ve gained access to a Linux system, the next logical step is to perform privilege escalation. That is, to […]

Every self-respecting pentester should have a powerful password cracker in their toolkit, and John the Ripper is simply the best […]

Directories and Files enumeration is one of the first steps that an attacker performs during web application pentesting. This step […]

SQL injection is often referenced as the most common type of attack on websites. It is being used extensively by […]

In this article, we will try to learn what malware is and how malware analysis works. It is aimed at […]

Nmap is an open-source network mapping tool developed by Gordon Lyon. It is widely used as a port scanner and […]