Ethical hacking & pentesting blog
Come for the PoCs and security research focused on new CVEs and stay for the ethical exploitation guides and how-tos our offensive security specialists create.
Get fresh security research
In your inbox. (No fluff. Actionable stuff only.)



Security research
Analysis of a WordPress Remote Code Execution attack
This article shows our analysis of a known attack (presented in February 2019) against WordPress versions 5.0.0 and lower, awarding an intruder with arbitrary code execution on the webserver. The article covers each exploitation step and HTTP request required for a successful attack.
- Author(s)
- Published at
- Updated at



Platform updates
An enhanced version of our Website Vulnerability Scanner
To check the security of a web application or server, you need an automated scanner to save time spent on manual work. Our Website Vulnerability Scanner does that and much more (including detecting widespread vulnerabilities like Log4Shell)!
- Author(s)
- Published at
- Updated at