48 results for "SQL injection"

Throwing a spark into FuelCMS
FuelCMS v1.5.2 might be an older, largely unmaintained project, but its codebase is still highly combustible. In our latest research sprint, we uncovered seven new vulnerabilities lurking under the hood. Read the full article to see the raw HTTP requests, learn how we bypassed brute-force rate limits, and watch us turn simple template syntax into a full system compromise.

Year in review: from routine to results in 2025
Security teams had to cover more assets, respond to more CVEs, and explain more findings to more people than ever. And not just explain them - defend them. In front of clients. In front of auditors. In front of leadership that wants to know what actually changed since the last in-depth test.

How we built an exploit for SessionReaper, CVE-2025-54236 in Magento 2 & Adobe Commerce
Here's how we weaponized SessionReaper (CVE-2025-54236) against Magento 2, chaining ServiceInputProcessor quirks and a session proxy setter to forge customer sessions and hijack accounts. Our lab-tested PoC exposes attack surface, a possible preauth RCE, and an automated exploit - a practical walkthrough for researchers who like coffee strong and bugs reliable.

How web cache poisoning works and how to exploit it
Elevate your next pentest by exploiting web cache poisoning. This deep dive uncovers the RFC nuances, common misconfigurations, and unkeyed request components that transform low-severity injections into critical, widespread compromises. Learn practical detection, exploitation (with PoCs!), and advanced mitigation techniques to weaponize your findings.
Benchmarking our Website Vulnerability Scanner and 5 others
In February 2024, we set out to compare our Website Vulnerability Scanner against some of the established names in Dynamic Web Application Security Testing, both commercial and open-source: Burp Scanner, Acunetix, Qualys, Rapid7 InsightAppSec, and ZAP.

Benchmarking our Network Vulnerability Scanner and 6 others
In January 2024, we decided to evaluate the most used network vulnerability scanners - Nessus Professional, Qualys, Rapid7 Nexpose, Nuclei, OpenVAS, and Nmap vulnerability scripts - including our own, which industry peers can validate independently. Here’s why we did it, what results we got, and how you can verify them (there’s a white paper you can download with access to all the results behind this benchmark).

We think we know you can't attack what you don't understand
Gabrielle isn't just a pentester; she's a powerhouse of knowledge, an advocate for cyber education, and a mentor shaping the future of ethical hacking. With 9+ years of experience in cybersecurity, she focuses on sharing it with her community members through practical and valuable resources. In this episode, we continue to ask the meaningful questions: What makes a great pentester? How can you balance the art of manual testing with the efficiency of automation? What is the unique value that pentesters bring to offensive security? And what can't be commoditized in this craft?

We think we know what it takes to build hacking tools
Why would someone spend so much of their time building penetration testing tools, especially given the effort it takes to maintain them? Today on We think we know, we're peeling back the layers of offensive security with the enigmatic Panagiotis Chartas, also known by his alias Telemachus, a nod to his Greek heritage and the strategic depth of his expertise.