💻 | Blog

Finding SQL Injection vulnerabilities using polyglot payloads

Introduction: Looking for SQL Injection vulnerabilities in web applications can be a complicated task. Web applications are often implemented with complicated filters or web application firewalls w...

Exploiting Local File Inclusion using PHP Wrappers

Introduction: Local File Inclusion is a common technique used to include contents of a local file within a webpage. In many cases, a vulnerability can occur when a webpage uses user-controlled inpu...

6 things I didn't know Drozer could do

1: Intent Sniffing. Intent sniffing is an attack vector used to capture exposed intents. In certain cases, applications will broadcast intents and will not define any permissions that in need to re...

ZAP Scripting

Zed Attack Proxy (ZAP) is an open-source web application security scanner/proxy that can be used to find vulnerabilities. This blog post is about Zed Attack Proxy's Scripting capabilities and how i...