PHP CGI Argument Injection With Metasploit Framework

Tutorials By Sarcastic Writer · January 27, 2018 · Comments off

PHP is a widely-used general-purpose scripting language that is especially suited for Web development and can be embedded into HTML. When PHP is used in a CGI-based setup (such as Apache’s mod_cgid), in…

Apache Server Hardening – Kali Linux 2017

Tutorials By Sarcastic Writer · December 25, 2017 · Comments off

The Apache Web server is a remarkable piece of software. The basic package distributed by the Apache Software Foundation is quite complete and very powerful, and a lot of effort has gone into keeping…

Simple Tips to Prevent SQL Injection Vulnerability

Tech Articles By Sarcastic Writer · December 22, 2017 · Comments off

As seen from the previous articles, SQL injection has the ability to attack a web server database, compromise critical information, and expose the server and the database to a variety of malicious exploits;…

50 Important terms related to Database – Updated List 2017

Tech Articles By Sarcastic Writer · December 20, 2017 · Comments off

1. Character Set: A character set is a specification that determines the set of codes used to represent the characters of a particular language or set of languages. Among the oldest character sets…

Mitigations for Common Web Application Flaws

Tech Articles By Sarcastic Writer · December 18, 2017 · Comments off

The most prominent components of web applications that intruders will first seek to exploit are vulnerabilities within the web platform. The web platform commonly includes: Web server software (such as IIS or Apache)….

Web Application Hacking Methodology

Tech Articles By Sarcastic Writer · December 18, 2017 · Comments off

Web application hacking is not just about using automated tools to find common vulnerabilities. It is indeed a methodological approach that, if followed, would help reveal many more flaws and potential security vulnerabilities. The…

SQL Injection – A Complete Understanding Tutorial

Tutorials By Sarcastic Writer · November 18, 2017 · Comments off

SQL injection is an attack to circumvent scripts using SQL queries, as is often the case on websites, and especially for user authentication systems. [#] Introduction – SQL, or Structured Query Language, is…

Top 40 XSS (Cross Site Scripting) Revision Questions with Answers

Q&A By Sarcastic Writer · November 12, 2017 · Comments off

The below questions and answers are designed to both measure your understanding of the concepts of XSS -Cross Site Scripting Attacks and Prevention. Q1: What is the difference between HTML Injection and XSS?…

Maintaining Access with Web Backdoors [Weevely]

Tutorials By Sarcastic Writer · October 29, 2017 · Comments off

Once a web server and its services have been compromised, it is important to ensure that secure access can be maintained. This is usually accomplished with the aid of a web shell—a small program…

Find Real IP behind CloudFlare with CloudSnare Python Script

Tutorials By Sarcastic Writer · October 4, 2017 · Comments off

CloudFlare is one of the most popular CDN provider who offers a complete package of WAF i.e. Web Application Firewall and DDOS Protection (Distributed Denial of Service) for websites. List of Features –…

website hacking