Sql Injection using SQLmap with multipart/form-data Encoding

I’ve spent a fair amount of my time examining code for vulnerabilities, I recently began to focus specifically on SQL injection. While investigating this specific type of vulnerability in web applications, I ran across a few examples where the injection point was in a POST request but it wasn’t your straightforward content-type application/x-www-form-urlencoded form.  The The post Sql Injection using SQLmap with multipart/form-data Encoding appeared first on Liquidmatrix Security Digest.
Read more

Vulnerability Researcher to Software Developer: The Dark Side of the Coin

I’ve been finding bugs in software since 1999 or so, I’ve reported over 150 vulnerabilities in that time, ranging from format string vulnerabilities to XSS. I also started developing my own web server in C around 1994.  I did this to learn more about programming and not lose the skills I picked up during my The post Vulnerability Researcher to Software Developer: The Dark Side of the Coin appeared first on Liquidmatrix Security Digest.
Read more