Search • Page 12/12

Search the Pentest-Tools.com Blog

Exploiting SQL Injection in Magento Using Sqlmap

In this article we show a new method of exploiting the critical SQL Injection vulnerability in Magento (CVE-2019-7139), using the well known SQLMap tool.

Author(s)

Alexandru Postolache

Published at: 14 Jun 2019

Hacking tutorials

How to do a Basic Website Vulnerability Assessment with Pentest-Tools.com

Let’s see how to perform a basic security evaluation of your web application with the tools from Pentest-Tools.com.

Author(s)

Adrian Furtuna

Published at: 24 May 2019

Platform updates

Announcing our managed pentesting services for web applications

Checking for vulnerabilities and how attackers could exploit them provide valuable insights on how you can improve your company’s security posture.

Author(s)

Ioana Rijnetu

Published at: 23 May 2019

Security research

Analysis of a WordPress Remote Code Execution attack

This article shows our analysis of a known attack (presented in February 2019) against WordPress versions 5.0.0 and lower, awarding an intruder with arbitrary code execution on the webserver. The article covers each exploitation step and HTTP request required for a successful attack.

Author(s)

Razvan Ionescu

Published at: 21 May 2019

Platform updates

A faster, enhanced version of the advanced pentest reporting feature

Writing a pentest report about the results of your vulnerability assessment doesn’t have to be a difficult, time-consuming task.

Author(s)

Ioana Rijnetu

Published at: 15 Mar 2019

Security research

Exploiting OGNL Injection in Apache Struts

Let’s understand how OGNL Injection works in Apache Struts. We’ll exemplify with two critical vulnerabilities in Struts: CVE-2017-5638 (Equifax breach) and CVE-2018-11776.

Author(s)

Ionuț Popescu

Published at: 14 Mar 2019

Platform updates

An enhanced version of our Website Vulnerability Scanner

To check the security of a web application or server, you need an automated scanner to save time spent on manual work. Our Website Vulnerability Scanner does that and much more (including detecting widespread vulnerabilities like Log4Shell)!

Author(s)