Introduction Fed up being slowed down by simple checks and functionality? Even seemingly simple CSRF tokens can get in the way of a straight-forward brute-force attack! Enter BURP Suite Macros, an indispensable tool that can be used to efficiently handle these...
Overview NoSQL databases, a term that stands for “Not Only SQL,” represent a shift from traditional relational databases. Unlike their SQL-based counterparts that rely heavily on tables and fixed schemas, NoSQL databases provide flexible storage...
Overview Having a flexible and isolated environment doesn’t just save us time, it can also be crucial for testing. Whether you’re deploying a real-world application stack for research, testing exploits, or setting up vulnerable apps for practice, you need a...
Overview Version control systems, such as Git, are essential tools in software development, enabling seamless collaboration and change tracking. However, their widespread use can sometimes lead to unintended security oversights. While Git excels in managing code...
Server-Side Template Injection (SSTI) is an attack that allows an attacker to inject malicious input into a templating engine, leading to code execution on the server. While this vulnerability can be quite impactful, understanding and exploiting it requires a good...
Server-Side Request Forgery (SSRF) is a vulnerability that let’s an attacker have a server make requests on their behalf. Typically this can allow the attacker to reach internal resources that would otherwise be unavailable. Whilst the typical SSRF is dangerous...
