Pinned | @fuffsec in InfoSec Write-ups | Secure Code Review #1: Basics (Getting Started) | When it comes to software engineering, you may often hear the phrase “Trust the process,” but when it comes to security, it’s more… | Oct 3, 2023
@fuffsec | Detection at Scale: Core Challenges | As teams grow and the scope of detection expands, adapting to the increased scale becomes a critical challenge. This often requires teams… | Aug 23
@fuffsec in InfoSec Write-ups | Honeypot Series #1: Oh Snap! Did My Honeypot Just Get Breached? | It was a typical Saturday evening. I was sipping my coffee, scrolling through some logs on my newly deployed Honeypot when a peculiar… | Sep 28, 2023
@fuffsec in System Weakness | SSRF Vulnerabilities Unveiled: Exploring the Depths and Defenses | Server Side Request Forgery (SSRF) is a server-side vulnerability found in web applications that lets an attacker abuse the server to make… | Sep 16, 2023
@fuffsec in InfoSec Write-ups | Mastering the Mechanics of Command Injection: Unraveling the Web’s Silent Threat | Command injection is like telling someone to play a specific song on a jukebox, but instead of just picking a song, you sneakily add… | Sep 15, 2023
@fuffsec in InfoSec Write-ups | Injecting Danger: Understanding Server-Side Template Exploits | SSTI, or server-side template injection, happens when attackers use the structure of templates to insert harmful code that is then executed… | Sep 14, 2023
@fuffsec in System Weakness | Decoding XML Vulnerabilities: From Basics to Exploits in XML External Entities | Vulnerabilities within XML parsing can act as the exploitation point for many systems. Combined, they can lead to severe consequences… | Sep 14, 2023
@fuffsec in InfoSec Write-ups | Unmasking Directory Traversal: Navigating Vulnerabilities in Web Applications (Techniques +… | In web applications, inadequate input validation can lead to Directory Traversal vulnerabilities. If file operations are conducted using… | Sep 14, 2023
@fuffsec in InfoSec Write-ups | Behind the Hack: The Mechanics of SQL Injection Attacks | Hello hackers, Welcome back to my new blog, I hope you all are well!! In this blog, we are going to discuss SQL Injection Attacks… | Sep 13, 2023
@fuffsec in System Weakness | Crossing Boundaries: A Deep Dive into Cross-Origin Attacks and Their Prevention | Hello Smart hackers, Welcome back to my new blog, I hope you all are well!! In this blog, we are going to discuss Cross-Origin Attacks and… | Sep 12, 2023