Hacking XML Data
Obtaining illegal data access using XPATH injections.
Recent posts
Hacking Banks With Race Conditions
How race conditions compromise the security of financial sites.
Hacking The Web With Unicode
Confuse, Spoof and Make Backdoors.
Hacking Git Directories
How to reconstruct source code from an exposed .git directory.
Hacking Encryption With Signing Oracles
And why you should never reuse encryption keys!
Hacking Python Applications
And how attackers exploit common programming pitfalls to gain control.
Beginner’s Guide To CTFs
How To Start With Security Capture The Flag Competitions.
PHP Phar Deserialization
Exploiting PHP deserialization vulnerabilities without unserialize().