WEBINAR
Learn how software development company Personio takes a strategic approach to pentesting.
WEBINAR
Learn how software development company Personio takes a strategic approach to pentesting.

Pentester Guides (10)

How to Execute an XML External Entity Injection (XXE)

What's XXE? An XML External Entity vulnerability is a type of attack against an application that parses XML input. This...
Nov 26, 2020
Est Read Time: 4 min

A Pentester’s Guide to Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application...
Nov 13, 2020
Est Read Time: 4 min

A Pentester’s Guide to Cross-Site Scripting (XSS)

Examine a common security vulnerability, Cross-Site Scripting (XSS).
Oct 30, 2020
Est Read Time: 8 min

A Pentester’s Guide to HTTP Request Smuggling

What is HTTP Request Smuggling? HTTP request smuggling is an attack technique that is conducted by interfering with the...
Oct 15, 2020
Est Read Time: 9 min

A Pentester’s Guide to Server Side Request Forgery (SSRF)

What is SSRF? In a Server-Side Request Forgery (SSRF) attack, the attacker can abuse functionality on the server to...
Oct 1, 2020
Est Read Time: 4 min

A Pentester’s Guide to SQL Injection (SQLi)

This blog will be one of many created alongside our Hacking How-To series, an educational video series around everyday...
Sep 17, 2020
Est Read Time: 5 min

Pentest Workflow — Leveraging Community-Powered Tools

As a pentester, I like to look for ways to leverage automation so I can focus my efforts on bugs that are hard to...
Apr 14, 2020
Est Read Time: 3 min

Anatomy of Authentication Tests

Introduction Authentication, as OWASP states, is the process of verifying that an individual, entity, or website is who...
Mar 5, 2020
Est Read Time: 4 min

The Anatomy of Deserialization Attacks

What is Deserialization? Serialization is the process of turning some object into a data format that can be restored...
Jan 23, 2020
Est Read Time: 7 min
    8 9 10 11 12