Person holding sticky note

Pars Orationis Non Est Secura

Using parser combinators to detect flaws


Author: Rafael Ballestas

Category: attacks

Tags: detect,  injection,  scanner

Learn here how to use Python and pyparsing to parse application code in order to find SQL...



Photo by Sara Kurfeß on Unsplash

XML: eXploitable Markup Language

XPath injection on XML files


Author: Rafael Ballestas

Category: attacks

Tags: xml,  xpath,  injection

How to perform basic XPath injection on an XML file used for authentication? Find it out here...



Fuzzy caterpillar

Fuzzy Bugs Online

Fuzz techniques for attacking web applications


Author: Rafael Ballestas

Category: attacks

Tags: sql,  fuzzing,  injection

How to make basic fuzz attacks on web apps? We fuzz over SQL injections on a vulnerable DB...



OWASP logo

Corporate member of The OWASP Foundation

Clutch Review

Copyright © 2021 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy