Categories • Page 5/5
Security research
Here’s where our security researchers analyze and share insights about the latest vulnerabilities, providing details on how they work, or how to exploit them.
![Read the article titled Analysis of recent Exim mail server vulnerabilities](/_vercel/image?url=https:%2F%2Fcontent.pentest-tools.com%2Fassets%2Fcontent%2Fexim-server-rce-vulnerabilities%2Fexim-mail-server-vulnerabilities-1-1.webp&w=1536&q=100)
Analysis of recent Exim mail server vulnerabilities
For the past months, multiple critical vulnerabilities were found in Exim mail servers that could allow attackers to gain remote access and perform malicious activities: CVE-2019-16928, CVE-2019-15846, and CVE-2019-10149.
- Author(s)
- Published at
- Updated at
![Read the article titled How to exploit the BlueKeep vulnerability with Metasploit](/_vercel/image?url=https:%2F%2Fcontent.pentest-tools.com%2Fassets%2Fcontent%2Fbluekeep-exploit-metasploit%2Fexploit-bluekeep-vulnerability-metasploit.webp&w=1536&q=100)
![Read the article titled BlueKeep, the Microsoft RDP vulnerability - What we know so far](/_vercel/image?url=https:%2F%2Fcontent.pentest-tools.com%2Fassets%2Fcontent%2Fmicrosoft-rdp-vulnerability%2Fbluekeep-technical-breakdown-pentest-tools.com_.webp&w=1536&q=100)
BlueKeep, the Microsoft RDP vulnerability - What we know so far
BlueKeep is a critical security flaw found in Microsoft Remote Desktop Services that was making the headlines for the past two months. In this article, we explore the key facts about this vulnerability.
- Author(s)
- Published at
- Updated at
![Read the article titled Exploiting SQL Injection in Magento Using Sqlmap](/_vercel/image?url=https:%2F%2Fcontent.pentest-tools.com%2Fassets%2Fcontent%2Fexploiting-sql-injection-in-magento-with-sqlmap%2Fsql-injection-magento-sqlmap.webp&w=1536&q=100)
![Read the article titled Analysis of a WordPress Remote Code Execution attack](/_vercel/image?url=https:%2F%2Fcontent.pentest-tools.com%2Fassets%2Fcontent%2F10.-analysis-of-a-wordpress-remote-code-execution-attack.png&w=1536&q=100)
Analysis of a WordPress Remote Code Execution attack
This article shows our analysis of a known attack (presented in February 2019) against WordPress versions 5.0.0 and lower, awarding an intruder with arbitrary code execution on the webserver. The article covers each exploitation step and HTTP request required for a successful attack.
- Author(s)
- Published at
- Updated at
![Read the article titled Exploiting OGNL Injection in Apache Struts](/_vercel/image?url=https:%2F%2Fcontent.pentest-tools.com%2Fassets%2Fcontent%2Fexploiting-ognl-injection-in-apache-struts%2Fexploiting-ognl-injection-apache-struts.webp&w=1536&q=100)
![Read the article titled Inside Nmap, the world’s most famous port scanner](/_vercel/image?url=https:%2F%2Fcontent.pentest-tools.com%2Fassets%2Fcontent%2Fnmap-port-scanner%2Fhow-to-use-nmap-to-scan-1.webp&w=1536&q=100)
![Read the article titled Essential HTTP Headers for securing your web server](/_vercel/image?url=https:%2F%2Fcontent.pentest-tools.com%2Fassets%2Fcontent%2Fessential-http-security-headers%2Fhttp-headers-securing-web-server.webp&w=1536&q=100)