How to Exploit “improper error handling” in Web Applications
In this article we’ll discuss and demonstrate how improper error handling can be exploited in Web Applications. We’ll also discuss how various types of error handling can introduce various types of attack vectors.
Security Engineer vs. Software Engineer
Security Engineer vs. Software Engineer Post Views: 171 Patreon: Premium Content Subscribe to Patreon to watch this episode. Reading Time: 5 Minutes Introduction With the world of technology evolving so quickly, a lot of career paths are born with it. Computer...
Common and Uncommon types of SQL Injection
In this article, we’ll explain some of the most common and uncommon types of SQL Injection. We’ll also discuss how these attacks can impact your company and your customers, and show you the measures you need to take to mitigate and minimize such risks.
Google Dorking: Manual and Automated Methods for finding Hidden Information
In this article, we will showcase how to effectively use Google Dorking to uncover hidden and sensitive information on websites. Google Dorking enables security researchers to proactively discover and address potentially sensitive information that might not be intended for public access.
The Difference between White-Box and Black-Box Pentesting
The Difference between White-Box and Black-Box Pentesting Post Views: 47 Reading Time: 3 Minutes Introduction Each Pentesting solution is different, with varying expertise and specialties. Before you decide who will perform it and which approach you will take, it’s...Recent News
State-Sponsored Attack Hijacks Notepad++ Update Infrastructure to Deliver Malware
Fortinet Fixes Actively Exploited FortiOS SSO Auth Bypass
CISA Flags Actively Exploited VMware vCenter RCE in KEV Catalog
Reprompt Attack Lets Attackers Exfiltrate Data From Microsoft Copilot With a Single Click
Node.js Fixes Critical DoS Flaw That Could Crash “Virtually Every Production App”
Actively Exploited D-Link Router Flaw Enables Unauthenticated Remote Code Execution
Kali Linux 2025.4 Released With 3 new tools, Desktop Overhauls, and Halloween Mode
New Phishing Kits Automate MFA Bypass, AI Email Lures, and Bank Credential Theft at Scale
Malicious VS Code Extensions Infect Developers With Infostealers and Session Hijackers
React2Shell – Critical Bug Exposes React Server Components to Unauthenticated Remote Code Execution