Server-Side Request Forgery (SSRF) Explained
Server-Side Request Forgery (or SSRF) is an attack that consists of inducing a web application to send […]
Host Header Injection Attacks
Host Header injection is not the type of attack that you would normally find in CTFs or […]
HTTP Request Smuggling Explained
HTTP Request Smuggling (HRS) is a type of attack that is gaining more and more attention in […]
XXE Attacks Explained
Out of the many attacks that threaten web applications today, XXE remains the one that is talked […]
CSRF (Cross-Site Request Forgery) Explained
Cross-Site Request Forgery (CSRF or XSRF), also called Client-Side Request Forgery, is a type of attack that […]
Introduction to Cross-Site Scripting (XSS)
This article presents a great introduction for anyone trying to learn about Cross-Site Scripting (or XSS). You […]
Using THC Hydra To Brute Force Login Forms
THC Hydra is a powerful tool to use against login forms. It can perform brute force and […]
Using Gobuster to Find Hidden Web Content
Directories and Files enumeration is one of the first steps that an attacker performs during web application […]
Introduction to SQL Injection
SQL injection is often referenced as the most common type of attack on websites. It is being […]