Dollar Strike
The More You Learn The More You Play ...!
Dollar's posts

Recently I came to know of a tester/developer-friendly test automation tool, Katalon Studio. I am really impressed with the features provided by Katalon Studio 4.5. I have seen all the features which are required for test automation. I can say this is a…

As you are already familiar with the subject of SQL injection from the previous article, part 1, we will quickly dive into exploitation with SQLi. Log in to your bWAPP and select the vulnerability SQL Injection (Login Form/Hero). As stated in the previous post, we need…

Though there are many vulnerabilities, SQL injection (SQLi) has its own significance. This is the most prevalent and most dangerous of web application vulnerabilities. With this SQLi vulnerability in the application, an attacker may cause severe damage…

What is a server-side include? Before knowing what exactly it is, I would ask you a simple question. Let’s assume that you need to develop an application of 100 pages with dynamic content, and each page must have a header, footer and logo. What would be your…

Compared with other types of HTML injection, this would be quite interesting. We can easily trick others with this injection. You can create a duplicate login screen, or you may inject code to trick users into clicking on it. Basically, this HTML stored…

From the previous article we came to know how to find and exploit HTML injection with the HTTP verb ‘GET’. Now we will inject with the method ‘POST’. Pass some values in first name and last name and click on ‘Go’. There’s not much difference in the exploits but…

Now you know what exactly HTML injection is from my previous article. It’s time to break some code. Once you log in to bWAPP, you should see a dropdown ‘Choose your bug’. Then select HTML injection - Reflected GET and click on the Hack button.

What is HTML injection? As you know, HTML is used to design web pages. Yes, you’re right. But what happens if a developer forgets to sanitize the user input? What happens if developers don’t predict when a hacker uses the application? Do you know what all…

To excel at penetration testing, you need to have your own lab for practise/research. I would suggest using virtual machines, which are free in the market. I would go with VMware Workstation rather than VirtualBox; it’s just my personal option. You can…

Kali Linux is a Debian-based operating system which is used for penetration testing. With Kali, hacking becomes much easier since you have all the tools built in. You may find more about Kali over here. Prerequisites: Download the Kali Linux ISO based on your…