MORE FROM THIS AUTHOR
GDPR Article 32: Security of Data Processing
This article provides a short introduction to Article 32 of the General Data Protection Regulation (GDPR), the latest EU regulation which deals with the security of Personal Data Processing. It also includes some practical suggestions for keeping organizations' personal data secure.
Application Level Denial of Service – A Comprehensive Guide
Application level Denial of Service attacks are designed to render systems unresponsive, denying the services to users. They are notoriously difficult to detect and prevent, and are often underestimated. This comprehensive guide explains how to identify and remove the conditions necessary for DoS attacks.
Second-Order Remote File Inclusion (RFI) Vulnerability Introduction & Example
This article provides an introduction to the Second-Order Remote File Inclusion (RFI) vulnerability, with an example, and explains how Netsparker can detect it.
The Equifax Breach – The Signs Were There
A detailed report on how Equifax was hacked, including quotes from David Hoyt, the security researcher who identified and reported vulnerabilities on the Equifax website months before the data breach happened.
Missed Black Hat or DEF CON? We've got you covered
If you missed Black Hat and DEF CON this year, do not worry. Our security researcher Sven Morgenroth has just compiled a list of the best talks that took place during this year's conferences in Las Vegas.
Vulnerable Web Applications on Developers' Computers Allow Hackers to Bypass Corporate Firewalls
A detailed explanation with examples of how malicious hackers can attack vulnerable web applications typically running on developers' computers to bypass firewalls and hack other web applications on the local network.
Collision Based Hashing Algorithm Disclosure
This detailed article explains how you can use the Collision Based Hashing Algorithm Disclosure method to check if the target web application uses the weak SHA-1 hashing algorithm to hash the users' passwords.
The Advantage of Heuristic Over Signature Based Web Vulnerability Scanners
This article explains how both the heuristic and signature based web application security scanners work. It also explains the pros and cons of both types of scanners.
XSS, CSRF & Other Vulnerabilities in CubeCart Web Application
This article explains in detail the various vulnerabilities Netsparker's security researchers identified in CubeCart, an open source ecommerce solution.
How I Hacked my Smart TV from My Bed via a Command Injection
This article explains how I was able to exploit a command injection vulnerability in my Smart TV and use Netcat to gain remote shell access on the TV set.
What is the SQL Injection Vulnerability & How to Prevent it?
The SQL Injection vulnerability allows malicious hackers to inject arbitrary code in SQL queries, thus being able to directly retrieve and alter data stored in a website's database.
Missing Function Level Access Control Vulnerabilities in Maian Support Helpdesk Allow Complete Take Over of the System
This article looks into the details of how malicious hackers can exploit a number of missing function level access control vulnerabilities to take over an installation of Maian Support Helpdesk, a web application developed in PHP.