Knowledge base: Hacking
In this section we share our knowledge about hacking.
 |
Blind SQL InjectionWith blind SQL injections, an attacker can extract information from the database without the application returning a response. |
 |
What is Server-side request forgery (SSRF)?Server side request forgery is een aanval waarbij de server een request doet die het niet zou moeten doen. |
 |
CVE-2016-7941 – XSS in Netgear ProSAFE switchesA tale about the discovery of CVE-2016-7941, XSS in Netgear ProSAFE switches, which was discovered quite some time. |
 |
Entity injectionEntity injection attacks can attack applications and cause data leaks. This happens when the XML parser is incorrectly configured. |
 |
Upgrade NetCat shellBy default, a NetCat shell is limited and prone to errors. With a few simple commands it can be upgraded to a fully interactive shell. |
 |
What is clickjacking?Clickjacking, sometimes called "UI redressing", is a way of stealing a well placed click from a victim. The goal of the attack is to trick a user to perform an action without the consent of a user, which benefits the attacker. Clickjacking is usually combined with social engineering and security flaws. |
 |
OWASP top 10OWASP is an organization committed to a safer world. This organization periodically publishes a list of the 10 most common vulnerabilities in websites, the OWASP top 10. This list gives you an idea of what CyberAnt pays attention to when we test your website. |
 |
The risk of .DS_StoreMacOS creates a hidden file called .DS_Store in some cases. In this article, we explain what the risks are when this file accidentally ends up in the wrong place and how this can be prevented. |