119 articles
Step-by-step resolution of the PortSwigger lab on remote code execution through uploading a polyglot web shell, exploiting file content validation.
Learn to bypass file upload restrictions using the extension obfuscation technique with null bytes to execute PHP code.
Learn to bypass file extension blacklists using alternative PHP extensions and Apache configurations to execute malicious code.
Learn to exploit file upload vulnerabilities using path traversal techniques to bypass execution restrictions and execute malicious PHP code.
Complete guide on SQL Injection: SQL fundamentals, types of injections (Union-based, Error-based, Boolean-based, Time-based), exploitation techniques, and practical examples with code.
Practical guide on RFI vulnerability: how to exploit Remote File Inclusion to execute remote code by including malicious files from an external server.
Learn to exploit file upload vulnerabilities by bypassing Content-Type restrictions to execute malicious PHP code.
Learn to exploit file upload vulnerabilities to achieve remote code execution by uploading a PHP web shell.
Learn to detect blind command injection vulnerabilities using out-of-band techniques with DNS lookups to external servers.
If you like the content and want to support the project, you can buy me a coffee. Your support helps keep the site active and create more quality content.
Buy me a coffeeThanks for your support 🙏