Cybr’s Injection Attacks Course Badge Gets Added to NYU Cyber Fellows Program
In addition to our Introduction to Application Security and Cross-Site Scripting badges, we are officially announcing the addition of the Injection Attacks badge to the…
Content and resources related to Application and Data Security.
In addition to our Introduction to Application Security and Cross-Site Scripting badges, we are officially announcing the addition of the Injection Attacks badge to the…
For a webinar collaboration with a friend of mine, Ell Marquez, who works at Intezer, we wanted to demonstrate how web application vulnerabilities could be…
This tutorial explains how I created a hard drive crawler and extraction tool. This Python data exfiltration tool uses regex for matching desired data patterns…
According to both OWASP and CWE, Cross-Site Scripting is one of the top 10 most dangerous web application security risks, and for good reason: OWASP’s…
This post is for those of you looking for resources about “Python for beginners” and “learning Python for free”! I talk to a lot of…
SQLMap is a popular open-source penetration testing tool used to detect and exploit SQL injection vulnerabilities. In prior posts, we looked at general concepts of…
A lot of times, especially when you join smaller organizations, there are no (or very few) formal processes in place. The approach taken to secure…
Now that we’ve reviewed OS Command injection concepts like how they work, the impact they can have, and techniques that can be used to exploit…
When I first heard the term OS Command injections, or “Shell injection” as some people refer to it, I don’t know why but I assumed…