CVE-2021-41773 A weakness was discovered in a change to path normalisation in Apache HTTP Server 2.4.49. An attacker could employ a path traversal attack to redirect URLs to files outside of the folders specified by Alias-like directives. If files outside of these folders are not protected by the default “require Read more
What is the command injection? Command injection is the web application vulnerability that allows an attacker to execute the arbitrary system command on the server where the application is running. This vulnerability leads to fully compromised server by remote code execution and its data. Impact : Unauthorized Command Execution Attacker Read more
What is the CSRF Attack ? CSRF is the type of web application security vulnerability that allows an attacker or threat actor to perform actions on the behalf of the authenticated user without their permission or consent. The Impact of this vulnerability is significant if the sensitive action is perform Read more
Cyber Security is a fast-growing and in-demand field with a lot of opportunities for those interested in pursuing a career in this area. With the increasing number of cyber threats and attacks, businesses and organizations of all sizes are looking for skilled professionals who can help them protect their networks, Read more
Enumeration is one of the most crucial phases of web application testing or bug bounty seeking. The first assault on the target network is enumeration. It involves either actively or inactively gathering data on the target. Sub-domain enumeration is the process of discovering sub-domains for one or more domains. It Read more
This blog will attempt to explain what social engineering is. How an attacker creates a plan to hack an organization using a simple social engineering tricks. What is Social Engineering ?? Social engineering is a type of cyber attack in which hackers manipulate people into providing sensitive data and account Read more