Exploiting SQL Injection: a Hands-on Example

In this series we will be showing step-by-step examples of common attacks. We will start off with a basic SQL injection exploitation of a web application and then privilege escalation to OS root. SQL injection is one of the most dangerous vulnerabilities a web application can be prone ...
PHP Security Part 5: Top Tips

This final part in the series on PHP security concludes with tips for building a web application or system with security in mind. There are certain things which, if done during the development cycle of a web application, will dramatically help reduce the risk of being exposed to a critical vulnerability. Some ...
PHP Security Part 4: Input Validation and PHP Configuration

Validation is the process in which data is checked against specific criteria or a specification. It is used to check whether the information given by a user is in the expected, correct format before it is processed. Validation is very important because, if used correctly, it allows a user to identify and ...
PHP Security Part 3: XSS and Password Storage

When developing a web application, it is extremely important to have security in mind and be aware of the different risks. If one does not know the risks and the mechanics behind each vulnerability, there is no way to protect against it. In Parts 1 and 2 in this series ...
PHP Security Part 2: Directory Traversal & Code Injection

Most web vulnerabilities are a result of bad coding habits or a lack of PHP security awareness among developers. The source of probably all of them lies in the fact that user input, which plays a critical role in the security of a web application, is trusted. This is probably ...
PHP Security: The Big Picture

Whether your site is the web presence for a large multinational, a gallery showing your product range and inviting potential customers to come into the shop, or a personal site exhibiting your holiday photos, web security always matters. No matter what programming language you use to develop your site, after ...