How White-Box hacking works: XSS + CSRF in Arunna
Several vulnerabilities were recently discovered by Lyhin’s Lab in Arunna, which the main purpose, as they say, is “connecting the clouds”. […]
Read More →Several vulnerabilities were recently discovered by Lyhin’s Lab in Arunna, which the main purpose, as they say, is “connecting the clouds”. […]
Read More →When a demanding customer asks a penetration tester to provide the exact commands on how to remediate the issue, what should […]
Read More →Legend has it that Ernest Hemingway won a bet by capturing a single screenshot that will make you cry. Latest commit: 8a995dd29dfe1293c62a0237cddca2e4fd8b7f61 Severity: 8.6 (High) […]
Read More →This short article defines the TODAY model, which is a 5-step guide of how to create pen-test reports in an efficient […]
Read More →A bit outdated, nevertheless is beautiful in terms of ethical hacking – photoshow is an open source web application with 490 […]
Read More →In case of multiple Stored XSS with the strict size limitation – consider the following exploitation technique; it would work, even […]
Read More →There is a stored XSS vulnerability in the ‘ntopng web application’ community edition version 4.1.200612. This vulnerability allows a malicious individual […]
Read More →The simplest way of how to find and exploit Data Protection API misconfigurations: Install the demo version of iExplorer tool on […]
Read More →Recently, Lyhin’s Lab decided to take a more challenging application. OroCRM v4.1.6: Has 785 stars and 260 forks on Github PHP […]
Read More →I suppose you want to discover how the pre-defined mobile application interacts with the filesystem and precisely understand what happens on […]
Read More →