SQL Injection whitebox approach (part2) In the part 1 of this serie, we worked on : Identification of the files we want to deal with; Defining the pattern we will be looking for in the file, for us to inject our payload (GET...
Archive - August 2022
SQL Injection whitebox approach (part1) Have you ever been in a situation where you have a bunch of code to review ? Let’s take an example of Atutor, a fully working Learning Management System (LMS) available at which...
My OSWE Journey Advanced Web Attacks and Exploitation (WEB-300) is an advanced web application security review course. It teaches skills needed to conduct white box web app penetration tests. Students who complete the course...