Create Bind and Reverse Shells using Netcat
Netcat (nc, ncat, or the swiss army knife of networking, as some might prefer to call it) is a command-line […]
Server-Side Request Forgery (SSRF) Explained
Server-Side Request Forgery (or SSRF) is an attack that consists of inducing a web application to send back-end requests to […]
Host Header Injection Attacks
Host Header injection is not the type of attack that you would normally find in CTFs or security challenges. However, […]
HTTP Request Smuggling Explained
HTTP Request Smuggling (HRS) is a type of attack that is gaining more and more attention in recent years. Its […]
XXE Attacks Explained
Out of the many attacks that threaten web applications today, XXE remains the one that is talked about the least. […]
CSRF (Cross-Site Request Forgery) Explained
Cross-Site Request Forgery (CSRF or XSRF), also called Client-Side Request Forgery, is a type of attack that targets web applications. […]
A Quick Guide To Regular Expressions
Regular expressions are present in almost all programming languages (Python, PHP, Javascript…), as well as in Linux commands (grep, sed…) […]
Introduction to Cross-Site Scripting (XSS)
This article presents a great introduction for anyone trying to learn about Cross-Site Scripting (or XSS). You don’t need to […]
Using THC Hydra To Brute Force Login Forms
THC Hydra is a powerful tool to use against login forms. It can perform brute force and dictionary attacks against […]
Linux Privilege Escalation: Three Easy Ways to Get a Root Shell
Once you’ve gained access to a Linux system, the next logical step is to perform privilege escalation. That is, to […]