Cancel

XML External Entity

An XML External Entity attack is a type of attack against an application that parses XML input and allows XML entities. XML entities can be used to tell the XML parser to fetch specific content ...

Apr 25, 2021 2021-04-25T00:00:00+07:00 13 min reads

Office - Attacks

Summary XLSM - Hot Manchego XLS - Macrome XLM Excel 4.0 - SharpShooter XLM Excel 4.0 - EXCELntDonut XLM Excel 4.0 - EXEC DOCM - Metasploit DOCM - Download and Execute DOCM - Macro...

Apr 22, 2021 2021-04-22T00:00:00+07:00 18 min reads

GraphQL Injection

GraphQL is a query language for APIs and a runtime for fulfilling those queries with existing data. A GraphQL service is created by defining types and fields on those types, then providing funct...

Apr 22, 2021 2021-04-22T00:00:00+07:00 6 min reads

Linux - Privilege Escalation

Summary Tools Checklist Looting for passwords Files containing passwords Old passwords in /etc/security/opasswd Last edited files In memory passwords Find...

Apr 15, 2021 2021-04-15T00:00:00+07:00 17 min reads

Upload Insecure Files

Upload Uploaded files may pose a significant risk if not handled correctly. A remote attacker could send a multipart/form-data POST request with a specially-crafted filename or mime type and execu...

Mar 30, 2021 2021-03-30T00:00:00+07:00 3 min reads

1
...
3
4
5
...
15
4 / 15

XML External Entity

Office - Attacks

GraphQL Injection

Linux - Privilege Escalation

Upload Insecure Files

Trending Tags