
22 results for "SQL injection"


Throwing a spark into FuelCMS
FuelCMS v1.5.2 might be an older, largely unmaintained project, but its codebase is still highly combustible. In our latest research sprint, we uncovered seven new vulnerabilities lurking under the hood. Read the full article to see the raw HTTP requests, learn how we bypassed brute-force rate limits, and watch us turn simple template syntax into a full system compromise.

Year in review: from routine to results in 2025
Security teams had to cover more assets, respond to more CVEs, and explain more findings to more people than ever. And not just explain them - defend them. In front of clients. In front of auditors. In front of leadership that wants to know what actually changed since the last in-depth test.

How we built an exploit for SessionReaper, CVE-2025-54236 in Magento 2 & Adobe Commerce
Here's how we weaponized SessionReaper (CVE-2025-54236) against Magento 2, chaining ServiceInputProcessor quirks and a session proxy setter to forge customer sessions and hijack accounts. Our lab-tested PoC exposes attack surface, a possible preauth RCE, and an automated exploit - a practical walkthrough for researchers who like coffee strong and bugs reliable.

How web cache poisoning works and how to exploit it
Elevate your next pentest by exploiting web cache poisoning. This deep dive uncovers the RFC nuances, common misconfigurations, and unkeyed request components that transform low-severity injections into critical, widespread compromises. Learn practical detection, exploitation (with PoCs!), and advanced mitigation techniques to weaponize your findings.

Benchmarking our Website Vulnerability Scanner and 5 others
In February 2024, we set out to compare our Website Vulnerability Scanner against some of the established names in Dynamic Web Application Security Testing, both commercial and open-source: Burp Scanner, Acunetix, Qualys, Rapid7 InsightAppSec, and ZAP.

Benchmarking our Network Vulnerability Scanner and 6 others
In January 2024, we decided to evaluate the most used network vulnerability scanners - Nessus Professional, Qualys, Rapid7 Nexpose, Nuclei, OpenVAS, and Nmap vulnerability scripts - including our own, which industry peers can validate independently. Here’s why we did it, what results we got, and how you can verify them (there’s a white paper you can download with access to all the results behind this benchmark).

Securing your Laravel application: A comprehensive guide
As someone who has worked with the Laravel framework for years, I've seen firsthand the importance of taking security seriously. I've seen how simple mistakes lead to disastrous consequences, and I've also seen the benefits of a secure and well-maintained Laravel application.

Year in review: 2023 on Pentest-Tools.com
What you're about to see is a blend of worn-out keyboards, stubborn research, gallons of coffee, and a dash of frustration, all catalyzed by listening closely to what you, our customers, really want. Mix all of these and you get more than a product, more than a team that’s growing a company on its own terms.