Here is my the very first hacking writeup. And the first machine is  Legacy  —  retired, but pretty useful for novice. This machine was…

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Blogs related to information security.

Run a Linux/Unix command with a time limit: Learn how to run a command, and have it abort or timeout after N seconds using timeout, bash & Perl one-liner

I was talking to a pen testing company recently at a data security conference to learn more about “day in the life” aspects of their trade. Their president told me...

Researchers

Recently I discovered multiple high severity vulnerabilities in Selectica Contract Lifecycle Management (SCLM) version 5.4.  Cross-site Scripting (XSS) There was no shortage of XSS in this app.  Here's an example from a light scan with Burp Suite: This is…

Sonar is the home of Clean Code. Our blog showcases our products: SonarLint, SonarQube, and SonarCloud - trusted by 400k+ organizations globally.

SSRF (Server Side Request Forgery) testing resources - cujanovic/SSRF-Testing

How to bypass filter_var(), preg_match() and parse_url()

What is Server Side Request Forgery? This vulnerability can be exploited by a hacker to send requests to internal systems behind a firewall. Learn more.

Severity: Medium

Server Side Request Forgery (SSRF) is a type of attack that can be carried out to compromise a server. The exploitation of an SSRF…

Hello guys,