2024-9405 Local file inclusion (LFI) is a vulnerability in web applications that allows attackers to access and execute files on a web server. Pluck CMS is a free, open-source, flat-fil...

10 Ways to Bypass WAF 1. Payload Encoding and Obfuscation Common encoding techniques are: Hex encoding : char —> hex equivalent Base64 encoding : entire payload —> base64 string U...

1. Basics Centralized vs Decentralized vs Distributed Blockchain Generic Elements of a Blockchain Hash Function Merkle Tree Blockchain Properties & Limitations Sidechain Cr...

File Upload Vulnerabilities File upload vulnerabilities are when a web server allows users to upload files to its filesystem without sufficiently validating things like their name, type, cont...

Subdomain 1.1 Recon-ng Framework like Metasploit for find subdomains recon-ng use use recon/domain-hosts/ show options set source example.com All subdomains store in hosts and to see it: ...

Information Gathering Passive Recon : No direct interaction with target Active Recon : direct interaction Passive Recon 1.1 WHOIS Lookup Find domain ownership details, registrar info, a...

Daixin Ransomware Attack on Omni Hotels (2024) Omni Hotels & Resorts, a luxury hotel chain, experienced a ransomware attack by the Daixin Team in March 2024. This attack disrupted the com...