Security Code reviewing is a tedious task specially when you do it with primitive tools and techniques like grepping or die() Visual Studio Code is a powerful IDE from Microsoft and I think it’s the best product from Microsoft in the past few years. Hence we can make a use of it to debug PHP […]
While code reviewing a PHP web application last weekend I was happy to find a SQL injection vulnerability quickly in a search function. it was a time-based one and verified with a simple sleep() command So I decided to launch SQLmap to automate the rest of the exploitation part, However turned out things did not […]
All of us have projects to be finished and many people do not continue their projects for different reasons. In this post I will talk about a routine usually I do follow to help me finishing my projects, I hope you find it useful. I call this routine The Cook Model. this routine is simple […]
In this post I will talk about a special type of reverse shell, I like this type of shell because mostly you can use tools already exist on your target. But before start talking about Bash Reverse Shell in details, I would like to mention some limitations about this type of shell: You can’t use […]