Read the article titled pentest-tools.com-december-2021-platform-updates.png

December updates: 6 new ways to make your workflow smoother

Hope 2022 is off to a great start for you! Supporting your security efforts is what we do, so here’s a fresh batch of platform updates we rolled out at the end of 2021. Why check them out? Because they’ll help you get more work done, faster with the same tools and features you know (and hopefully love!).

Ioana Rijnetu

Published at: 20 Jan 2022

4 min read

Read the article titled sql-injection-magento-sqlmap.webp

Security Research

Exploiting SQL Injection in Magento Using Sqlmap

In this article we show a new method of exploiting the critical SQL Injection vulnerability in Magento (CVE-2019-7139), using the well known SQLMap tool.

Alexandru Postolache

Published at: 14 Jun 2019

10 min read

Vulnerabilities

Common SQL Injection Attacks

SQL Injection attacks are still a threat to current web applications, despite their long history. In this article, we discuss the most common SQL Injection attack techniques with concrete examples from DVWA (Damn Vulnerable Web Application).

Satyam Singh

Published at: 23 Apr 2019

13 min read

Read the article titled exploiting-ognl-injection-apache-struts.webp

Security Research

Exploiting OGNL Injection in Apache Struts

Let’s understand how OGNL Injection works in Apache Struts. We’ll exemplify with two critical vulnerabilities in Struts: CVE-2017-5638 (Equifax breach) and CVE-2018-11776.

Ionuț Popescu

Published at: 14 Mar 2019

24 min read