Uploading Backdoor Shells with Weevely and Commix
Now that we’ve reviewed OS Command injection concepts like how they work, the impact they can have, and techniques that can be used to exploit…
Category: Application Security
Content and resources related to Application Security (AppSec)
OS Command Injections: How they work, and example techniques
When I first heard the term OS Command injections, or “Shell injection” as some people refer to it, I don’t know why but I assumed…
Cybr Lesson #1: Mistakes Made & Lessons Learned the EASY Way!
I love quotes! I mean… really love them. In just one or two lines I can get or give the inspiration or motivation I need…
8 SQL Injection Cheat Sheets and References you need
Now that we’ve covered general concepts of SQL for SQL injections, and we’ve learned the basics of powerful SQL injection techniques, let’s gather SQL injection…
How To Hunt for Web App Vulnerabilities Hands-on!
I’ve said it again and again, and I think most members of the technical community would agree that the fastest, most effective, most fun way…
What are SQL Injections (SQLi)? Introduction to powerful techniques
We’ve talked about what SQL is, but now, let’s talk about one of the most common and dangerous web-based attacks: SQL injections (aka SQLi). In…
A quick SQL primer for SQL injections
While there are many other tutorials and resources out there that cover SQL, I wrote this blog post to give you a quick SQL primer…
Blind SQL Injections with SQLMap against the DVWA
As part of our Injection Attacks: The Free 2020 Guide course, we reviewed concepts of SQL injections, including what blind injections are. Then, we practiced…
Create a reverse shell with Socat – DVWA OS Command Injections
In our Injection Attacks course, we perform different OS Command Injections to demonstrate how this vulnerability can be exploited in the Damn Vulnerable Web Application…
Set up the OWASP Juice Shop on Kali with Docker [Quickest Method]
Installing the OWASP Juice Shop on Kali with Docker is super fast because you don’t have to install anything but Docker. It also makes cleaning…