Tutorials

HTTP PUT Method Exploitation with Put2Win (Meterpreter Shell)

From previous article, we came across to different actions performed by HTTP methods where we had described the role of PUT method which allow client to upload a file on server with different ways i.e with Netcat, with Nmap, with BurpSuite, with Curl, with Quickput, with Cadaver and with Metasploit Framework. Testing Environment Setup –  […]

Tech Articles

HTTP Security Headers – For Apache Servers

The world of security, especially Web security, is a very complex and extensive knowledge domain to attempt to master-one where the consequences of failure can be extremely high. Practitioners can spend years studying this discipline only to realize that the more they know, the more they realize they need to know. In fact, the challenge may seem to […]

Tech Articles

List of HTTP/1.1 Methods [2018 Update]

1. GET Method The GET method is used to retrieve whatever is stored or produced by the resource located at the specified Request-URI. The GET method can be used to request files, to invoke server-side scripts, to interact with server-side CGI programs, and more. When HTML form variables are submitted with the form action set […]

Tutorials

HTTP PUT Method Exploitation – Live Penetration Testing

In this article, we’ll be exploiting the HTTP PUT method vulnerability on one of the Metasploitable2 webserver through which you can easily upload any malicious file onto the server and can gain the access of the whole webserver in meterpreter shell. In last article, we’ve already learnt that how to Test HTTP Methods with Curl, […]