Finding and exploiting XXE – XML external entities injection
In this article, we will have an in-depth look at how to find and exploit XML External Entity Injection vulnerabilities.
XXE (XML External Entity) as the...
Sahil Dhar
Sahil Dhar is an Information Security Enthusiast having more than two years of hands-on experience in Application Security, Penetration Testing, Vulnerability Assessments and Server Config Reviews. He has also been acknowledged and rewarded by various organizations like Google, Apple, Microsoft, Adobe, Barracuda, Pinterest, Symantec, Oracle etc for finding vulnerabilities in their online services.
An introduction to penetration testing Node.js applications
In this article, we will have a look at how to proceed when penetration testing Node.js applications or looking for Node.js specific issues.
Node.js is a...
Protostar: Finals – Remote Heap Unlink Exploitation
In this article, the two final challenges of Protostar will be solved, and these are the remote Format String and the Heap Unlink Exploitation vulnerabilities.
These...
Exploiting Protostar: Net0 – Final0
In this article, we will be solving all networking challenges and one remote buffer overflow challenge of Protostar.
These levels introduce us to the fundamental...
Exploiting Protostar – Heap Unlink Exploitation
In this article, we will be solving the 4th challenge from Heap Levels of Protostar.
This level introduces us to a very old heap unlink vulnerability where...
Exploiting Protostar – Heap Levels 0-2
In this article, we will be solving Heap Levels of Protostar. We will be mainly focusing at how and why of Heap Buffer overflows.
Heap memory can be viewed...
Exploiting Protostar – Format String Vulnerabilities
In this article, we will be solving format string vulnerability challenges from Protostar VM by exploit-exercises.com. We will also try to automate some boring...
Exploiting Protostar – Stack 4-7
In this article, we will be solving remaining challenges from Protostar VM by exploit-exercises.com.
In this article, we will see how to find and conclude...
Exploiting Protostar – Stack 0-3
In this article, we will be reverse engineering and exploiting simple C programs from Protostar VM by exploit-exercises.com. We will be mainly focusing at how...
Code Review of Node.Js Applications: Uncommon Flaws
This article covers the left-over vulnerabilities from Part-1. In this article, we will have an in-depth look at some uncommon flaws and how to find them while...