Privacy & Cookies

This website uses cookies. By continuing to use this site you are agreeing to our use of cookies.

Hacking and Security Articles

  • Practical Applications of Cross Site Scripting (XSS)

    Website Security
    Prerequisites Throughout this paper, many scripting languages will be used to provide proof-of-concept and other examples for the benefit of the reader. A basic understanding of these languages is required in order to completely understand the concepts that are conveyed herein; that being said, a la... continue reading
  • Second Order SQL injections

    Website Security
    INTRODUCTION There are a good numbers of SQL injections. One of the most difficult to detect and to exploit are Second Order SQLi. We can definy First Order SQLi as the "classical" and more frequent vulnerability in which we edit a legit query with our own code in the same SQL statement i... continue reading
  • Serious vulnerability in Excel sheets (VBA bruteforce)

    Application Security
    Sorry for the Dutch text in the images. I did not have an English version of Office at hand. 1. What is an exploit? I could spend ages trying to explain what an exploit is, luckily there are dictionaries that can explain it in one full sentence: Quote: Ex·ploit A program or system designed to take... continue reading
  • [TED] Hackers: the Internet's immune system

    In this video from 2014, cybersecurity expert Keren Elazari explains how hackers force the world to evolve and improve. If you've never seen it before, take time to watch this video. Of course it's well known from us, but it's always interesting to see things from a global point of view. http://ww... continue reading
  • How To Protect SSH With Two-Factor Authentication

    Introduction To protect your SSH server with an two-factor authentication, you can use the Google Authenticator PAM module. Every time you connect you have to enter the code from your smartphone. Attention: If you activate the google-authenticator for a normal user but not for root you can't login... continue reading