Gherkin on Steroids

How to document detailed attack vectors

In this post, we work on how to use Gherkin to document attack vectors in vulnerable...

Requiem for a p455w0rD

Why passphrases are better than passwords

In this blog post, we mainly make a comparison between having weak or complicated passwords...

The Oracle of Code

About code as data

This blog post is a description of the code-as-data approach to source code analysis.

XML: eXploitable Markup Language

XPath injection on XML files

How to perform basic XPath injection on an XML file used for authentication? Find it out here...

Stand on the Shoulders of Giants

About software composition analysis

Here we mainly develop a discussion on 'A9' of the OWASP Top 10: Using components with known...

Will Machines Replace Us?

Automatic detection vs. manual detection

Vulnerability detection by an automated tool is not enough to conclude that an app is secure....

The Infinite Monkey Fuzzer

Fuzz testing using American Fuzzy Lop

In this blog post, we are focused on how to perform basic fuzz attacks on desktop Linux C...

Fuzzy Bugs Online

Fuzz techniques for attacking web applications

How to make basic fuzz attacks on web apps? We fuzz over SQL injections on a vulnerable DB...

Is Your App in a Pickle?

Documenting vulnerabilities with Gherkin

Gherkin can be used for documentation and automated testing. Here we focus on its basics and how...

Delimiting an Ethical Hacking

How to define the scope of your objectives

When security flaws are found through ethical hacking, it is important to delimit the...

Is that CSV Secure?

Defining CSV injection vulnerabilities

Comma-Separated Values file is a common extension in data files used in several application...

The Importance of Pentesting

Protect your company against Hackers, not Lamers

In this article, we will discuss the importance of Pentesting when protecting our applications.

Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.
