OGNL Injection Decoded

Hello readers! In this blog post, our Senior Consultant Aditya has discussed the infamous Object Graph Navigation Language (OGNL) injection vulnerability. He explains the vulnerability details, prerequisites, attack vectors, how the vulnerability works in the background, recommendations, practice labs, and more. OGNL was introduced in 2002 and is widely used in Java-based web applications. It

PHP Type Juggling Simplified

Greetings to all. In this blog post, our Principal Consultant Rohit Misuriya has talked about the PHP Type Juggling vulnerability. The per-requisites, attack vectors, exploitation scenarios, recommendations, practice labs, and more information about the issue has been provided by him in this blog. Since its introduction, PHP has maintained a prominent level of popularity, and

Uber has been HACKED By a Teen

Uber says it’s investigating a “cybersecurity incident” and alerted the law-enforcement authorities. The alleged hacker, who claims to be an 18-year-old, says they have administrator access to company tools including Amazon Web Services and Google Cloud Platform. The New York Times reports that the ride-hailing business has taken multiple internal systems, including Slack, offline while it investigates the breach. The alleged breach had reportedly forced Uber to take several internal communications and engineering systems offline.

Demystifying PHP Object Injection

Hello readers, in this blog post, our consultant Aditya has discussed the PHP Object Injection vulnerability. He explains the vulnerability details, minimum requirements, vulnerability techniques, vulnerability chaining with other vulnerabilities, recommendations, practice labs, and much more.

Arrange a Callback

    Contact us
    Close