Common SQL Injection Attacks

SQL Injection attacks are still a threat to current web applications, despite their long history. In this article, we discuss the most common SQL Injection attack techniques with concrete examples from DVWA (Damn Vulnerable Web Application).

Satyam Singh

Published at: 23 Apr 2019

13 min read

Read the article titled detect-injection-flaws-with-pentest-tools.com_.webp

How to detect injection flaws with Pentest-Tools.com

Whether you’re a penetration tester, bug bounty hunter, or security pro, you’re probably familiar with all the OWASP Top 10 vulnerabilities affecting web applications.

Cristian Cornea

Published at: 19 Mar 2021

11 min read

Read the article titled sql-injection-magento-sqlmap.webp

Exploiting SQL Injection in Magento Using Sqlmap

In this article we show a new method of exploiting the critical SQL Injection vulnerability in Magento (CVE-2019-7139), using the well known SQLMap tool.

Alexandru Postolache

Published at: 14 Jun 2019

10 min read

laravel application securitylaravel-application-security-guide.webp

Securing Your Laravel Application: A Comprehensive Guide

As someone who has worked with the Laravel framework for years, I've seen firsthand the importance of taking security seriously. I've seen how simple mistakes lead to disastrous consequences, and I've also seen the benefits of a secure and well-maintained Laravel application.

Cosmin Coman

Published at: 11 Apr 2023

23 min read

Read the article titled exploiting-ognl-injection-apache-struts.webp

Exploiting OGNL Injection in Apache Struts

Let’s understand how OGNL Injection works in Apache Struts. We’ll exemplify with two critical vulnerabilities in Struts: CVE-2017-5638 (Equifax breach) and CVE-2018-11776.

Ionuț Popescu

Published at: 14 Mar 2019

24 min read

Read the article titled new-vulnerabilities-scanners-added-on-pentest-tools.com_.webp

[New scanners] Find Associated Domains, Password Auditor, and 2 more new tools

Vulnerability scanners are essential tools for penetration testers who need to assess the security of their servers, sites, or networks. That’s why we focus on adding new scanners on Pentest-Tools.com to help our customers discover critical security flaws quickly and effectively.

Ioana Rijnetu

Published at: 25 Jul 2019

3 min read

log4j vulnerabilitylog4j-vulnerability.webp

Log4J - why some CVEs (almost) never disappear

Unless you’ve been on a sabbatical for the past year, you probably know how a critical vulnerability known as Log4shell took over the world.

Kelyan Yesil

Published at: 07 Apr 2023

7 min read

Read the article titled website-vulnerability-scanner-security-assessment.webp

How to do a Basic Website Vulnerability Assessment with Pentest-Tools.com

Let’s see how to perform a basic security evaluation of your web application with the tools from Pentest-Tools.com.

Adrian Furtuna

Published at: 24 May 2019

5 min read

Read the article titled full-website-vulnerability-assessment.webp

How to do a full website vulnerability assessment with Pentest-Tools.com

As a pentester, I have a good day when my workflow is smooth and uninterrupted. Pushing routine tasks to the background (sweet automation!) helps me stay focused. It frees up my mind to work on interesting findings and attack sequences that not everyone can see. Plus, it feels good to be productive and get stuff done!

Daniel Bechenea

Published at: 31 Mar 2021

12 min read

2021 highlights on Pentest-Tools.com2021-highlights-on-Pentest-Tools.com.png

Year in review: 2021 on Pentest-Tools.com

Security is the gift that keeps on giving and never have we felt it like we did this year.

Andra Zaharia

Published at: 28 Dec 2021

11 min read

Read the article titled new-platform-improvements-available-pentest-tools.com_.webp

Customized white label, website scanner improvements & other platform updates

Here are 7 platform improvements we deployed in the current update to make Pentest-Tools.com a valuable asset for your pentesting toolbox.

Ioana Rijnetu

Published at: 20 Aug 2019

3 min read

Read the article titled November-2021-updates-on-Pentest-Tools.com.png

November updates for powerful workflows, including detection for Log4Shell

Giving you the tools you need right now to speed up detection and reporting is always our top priority. Especially when your work is essential to effectively prioritize remediation. So, with every monthly update, we strive to do just that.

Ioana Rijnetu

Published at: 16 Dec 2021

4 min read