All modern websites are composed of 3 fundamental components: HTML, CSS, and Javascript. HTML creates structure, CSS is used for styling, and Javascript provides user interactivity, functionality, and automation through…
In this lab exploring HTML forms-based authentication, I will use Burp Suite to fuzz a given username in order to discover a valid password combination. “Fuzzing” in the context of…
An interception proxy is a must-have tool in any web application penetration tester’s arsenal. In brief, an interception proxy is an application downloaded on a host computer and sits in-between…
In the world of digital forensics, we can envision data as belonging to two distinct categories. Those categories are either volatile, or non-volatile states of data (Mohanta, 2020). Volatile data…
It is difficult to ignore how the internet has now made it possible to cause harm in a digital environment (McGovern, 2018). According to Western interpretations of proper jurisprudence and…
Once a vulnerability is discovered in any given IT system, one common payload a malicious attacker often wants to deliver is a reverse shell. From the black-hat attacker’s perspective, he…
In today’s modern tech-centered business environment, corporations like Facebook, Google, and Amazon have collected extensive analytics of users’ online digital behavior in order to build, maintain, and increase their market…
Nmap is an extremely powerful, free and open-source network mapping utility that can be used for many purposes. In this post, I provide a brief overview of what Nmap can…
In this writeup, I will cover how a custom script in python “knows” to read text input by the user written at the command line. In line 1, the sys…