
Tag Archives: vulnerability

A race condition occurs when multiple threads read and write the same variable, i.e. they have access to some shared data and they try to change…
The CTF or Check the Flag problem is posted on VulnHub. VulnHub is a platform that provides vulnerable applications/machines to gain practical hands-on experience in…
PrintDemon is a vulnerability affecting Windows systems. The vulnerability was identified in the Windows Print Spooler. The vulnerability was first discovered and reported by two…
Vulnerabilities are weaknesses in a system that give threats the opportunity to compromise assets. All systems have vulnerabilities. Even though the technologies are improving but…
Sybil Attack is a type of attack seen in peer-to-peer networks in which a node in the network operates multiple identities actively at the same…
CORS (Cross-Origin Resource Sharing) is a mechanism by which data or any other resource of a site can be shared intentionally with a third party…
Log Injection is an attack aimed at web applications that is very simple to carry out. For the attacker, it's very simple to perform the attack. However,…
Many web applications allow users to submit files in a compressed format (usually zip file format) to reduce the size of the file that is…
Prerequisite – Threat Modelling. DFD-based Threat Modelling is one of the methods to visually represent the system being modelled, with the other being Process Diagram…
What is the Spectre security vulnerability? Spectre is a security vulnerability that affects all modern processors that use mechanisms such as branch prediction and speculative action.…
What is the Meltdown security vulnerability? Meltdown, also known as Rogue Data Cache Load, is a security vulnerability that affects microprocessors of the types Intel x86,…
This article explains how to test whether a website is safe from SQL injection using the SQLMAP penetration testing tool. What is SQL Injection? SQL…
This article aims at explaining and exploring the vulnerability in the input() function in Python 2.x. In Python 3, the raw_input() function was erased, and…
Command injection is basically the injection of operating system commands to be executed through a web app. The purpose of the command injection attack is to inject…
A format string is an ASCII string that contains text and format parameters. Example: // A statement with format string printf("my name is : %s\n",…