Error based SQL Injection in “Order By” clause (MSSQL)

Posted on Posted in Hacker News, Paper

Introduction: SQL Injection AKA mother of hacking is one of the notorious and well known vulnerability which has caused lots of damage to cyber world. Researchers has published lots of stuff on different-2 exploitation techniques for conducting various type of attacks including accessing data stored in database, reading/writing code from/to server using load and into […]

Exploring the Depths of Cmd.exe Obfuscation and Detection Techniques

Posted on Posted in Hacker News, Paper

Skilled attackers continually seek out new attack vectors while employing evasion techniques to maintain the effectiveness of old vectors in an ever-changing defensive landscape. Numerous threat actors employ obfuscation frameworks for common scripting languages like JavaScript and PowerShell to thwart signature-based detections of common offensive tradecraft written in these languages. However, as defenders’ visibility into […]

Cross Site Scripting ‘XSS’ in a Nutshell

Posted on Posted in Hacker News, Tutorial's

What is XSS? Cross-Site Scripting (XSS) is a code injection attack that allows an attacker to execute malicious JavaScript in another user’s browser. The attacker exploits an XSS vulnerability in a website that the victim visits, in order to deliver the malicious JavaScript through the website to the victim’s browser, the malicious JavaScript appears to […]


Posted on Posted in Hacker News

Cookies sind kleine Dateien, die es ermöglichen, auf dem Zugriffsgerät der Nutzer (PC, Smartphone o.ä.) spezifische, auf das Gerät bezogene Informationen zu speichern. Sie dienen zum einem der Benutzerfreundlichkeit von Webseiten und damit den Nutzern (z.B. Speicherung von Logindaten). Zum anderen dienen sie, um die statistische Daten der Webseitennutzung zu erfassen und sie zwecks Verbesserung […]