Photo by Cookie the Pom on Unsplash

My Favorite Password: '123456'

You could be a victim of Credential Stuffing


Author: Felipe Ruiz

Category: techniques

Tags: credential,  password,  web,  application,  cybersecurity,  business

I wrote this post to give you an overview of the Credential Stuffing attack and some short...



Photo by visuals on Unsplash

Online Voting for a New President?

The trouble with OmniBallot and other voting platforms


Author: Felipe Ruiz

Category: politics

Tags: security,  cybersecurity,  software,  web,  vulnerability,  risk

In this post, we show you the exposed vulnerabilities of one of the many online voting options...



Photo by Ingo Stiller on Unsplash

Discovering Security Champions

Six recommendations for SecDevOps from Carnegie Mellon


Author: Felipe Ruiz

Category: philosophy

Tags: security,  devops,  software,  information,  web,  cloud

Here you'll learn about Security champions. But first, we give you five recommendations if...



Photo by Kuma Kum on Unsplash

Manual SQLi Bypass

Bypassing SQLi filters manually


Author: Jonathan Armas

Category: attacks

Tags: security,  web,  vulnerability,  ethical hacking

SQL injection can be one of the most dangerous vulnerabilities. Here we will see how to bypass...



Photo by Sebastian Pena Lambarri on Unsplash

Everyone Is Responsible for SEC

An overview of DevSecOps, better SecDevOps


Author: Felipe Ruiz

Category: philosophy

Tags: security,  devops,  software,  information,  web,  cloud

Through this blog post, you will know what DevSecOps is, how it applies, and why it is...



Blacksmith. Photo by Hannah Gibbs on Unsplash: https://unsplash.com/photos/BINLgyrG_fI

Understanding SSRF

Attacking a web server using SSRF


Author: Jonathan Armas

Category: attacks

Tags: security,  web,  vulnerability,  ethical hacking

Here we will see what a Server Side Request Forgery is, how hackers can exploit it, and what are...



Photo by Michael Fenton on Unsplash

Breaking Down DevOps

The central components of DevOps definition


Author: Felipe Ruiz

Category: philosophy

Tags: devops,  software,  information,  web,  cloud,  business

Here we introduce DevOps, a working methodology whose principles are communication,...



Photo by Glen Hooper on Unsplash

Trust Nothing, Verify Everything

Sharing at least a modicum about phishing attacks


Author: Felipe Ruiz

Category: techniques

Tags: social engineering,  information,  web,  software,  cybersecurity,  business

In this post, we give some general ideas about phishing, hoping to contribute to its prevention.



New York City Skyline

Querier Writeup

How to solve HTB Querier


Author: Andrés Tirado

Category: attacks

Tags: security,  htb,  pwn,  web,  windows

Here we explain how to use Querier's insecure configurations to gain system access, and how to...



Fluid Attacks, Among the Top Global Leaders 2018

Among the Top Global Leaders 2018

Fluid Attacks, a top cybersecurity company


Author: Mauricio Gómez

Category: philosophy

Tags: information,  ethical,  web

Fluid Attacks was recognized as a global leader in the Cybersecurity category by Clutch, as one...



Hand holding a pirate toy

Bounty Writeup

How to resolve HTB Bounty


Author: Jonathan Armas

Category: attacks

Tags: security,  htb,  pwn,  web

In this article, we present how to exploit a Bounty machine's vulnerabilities and how to gain...



Developers programming in an office

DevOops Writeup

How to resolve HTB DevOops


Author: Jonathan Armas

Category: attacks

Tags: security,  htb,  pwn,  web

In this article, we present how to exploit the vulnerabilities of DevOops, a Linux Hack the Box...



1 2 >

Fluid Attacks logo Start with Fluid Attacks

Fluid Attacks logo Contact us

OWASP logo

We are a proud corporate member of the OWASP Foundation

Contact Us

Number is valid Number is not valid
Please select an option



Clutch Review

Copyright © 2020 Fluid Attacks, We hack your software. All rights reserved.

Service status - Terms of Use - Privacy Policy - Cookie Policy