Phishing: Methodology, Common Techniques and Tools
We can’t talk about social engineering without mentioning phishing. Similarly, email is essential when it comes to phishing. Although there are ...
05.08 Phishing & Social Engineering

Account Takeover Techniques and Security Best Practices
Account takeover is a common practice that threatens the security of users and their data. The impact on victims depends on the type of account target...
22.07 Applications

SAML: How it Works, Vulnerabilities and Common Attacks
Secure identity and access management has become a key challenge for organisations. Among the solutions available, Security Assertion Markup Language ...
19.07 Applications

Understanding NTLM Authentication and NTLM Relay Attacks
In an office environment, user workstations generally use Windows operating systems and therefore authenticate using protocols developed by Microsoft....
08.07 Infra & Network

Exploring LLM Vulnerabilities and Security Best Practices
You’ve probably heard about the arrival of LLMs in a big way, at least with ChatGPT. LLM (Large Language Model) refers to language processing mo...
13.05 Applications

GraphQL API Vulnerabilities, Common Attacks and Security Tips
Developed in 2012 and made open source in 2015 by Facebook, GraphQL (Graph Query Language) has been under the umbrella of the GraphQL Foundation since...
13.05 Applications

Identification and Authentication Failures: OWASP Top 10 #7
Authentication and, by extension, user identification are central to web applications. These two mechanisms are used to manage rights and access (for ...
15.04 Applications

Modifying Java Serialized Objects as Easily as JSON
Often, when we hear about Java serialization, we find resources or challenges that only talk about generating and executing ysoserial payloads. In som...
11.04 Applications

What is a DoS Attack? Types, Exploitations and Security Tips
In the space of 5 years, the number of Denial of Service (DoS) attacks has almost doubled. The result is the paralysis of tens of millions of web plat...
11.04 Applications

Black Box Penetration Testing: Objective, Methodology and Use Cases
During a penetration test, we generally consider 3 test conditions: black, grey or white box. These test conditions correspond to the levels of inform...
11.03 Applications

White Box Penetration Testing: Objectives, Methodology and Use Cases
When pentesting a web application, an API or an internal network, there are generally 3 approaches: black box, grey box and white box testing. These a...
29.02 Applications