The Oracle of Code

About code as data

This blog post is a description of the code-as-data approach to source code analysis.

XML: eXploitable Markup Language

XPath injection on XML files

How do you perform a basic XPath injection on an XML file used for authentication? Find out here...

Stand on the Shoulders of Giants

About software composition analysis

Here we mainly develop a discussion on 'A9' of the OWASP Top 10: Using components with known...

Will Machines Replace Us?

Automatic detection vs. manual detection

Vulnerability detection by an automated tool is not enough to conclude that an app is secure....

The Infinite Monkey Fuzzer

Fuzz testing using American Fuzzy Lop

In this blog post, we focus on how to perform basic fuzz attacks on desktop Linux C...

Fuzzy Bugs Online

Fuzz techniques for attacking web applications

How to make basic fuzz attacks on web apps? We fuzz over SQL injections on a vulnerable DB...

Is Your App in a Pickle?

Documenting vulnerabilities with gherkin

Gherkin can be used for documentation and automated testing. Here we focus on its basics and how...

Delimiting an Ethical Hacking

How to define the scope of your objectives

When security flaws are found through ethical hacking, it is important to delimit the...

Is that CSV Secure?

Defining CSV injection vulnerabilities

Comma-Separated Values file is a common extension in data files used in several application...

The Importance of Pentesting

Protect your company against Hackers, not Lamers

In this article, we will discuss the importance of Pentesting when protecting our applications.

Another Proud Son of JSON

Using JSON Web Token to send data

Here we introduce JSON Web Token, a simple, quick way to send secure, digitally signed data from...

Symbolic Execution for Mortals

What it is and how it works

In this article, we intend to explain an approach to symbolic execution, which is very useful...

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.