i May 2016 – All things in moderation

Monthly Archive: May 2016

Webgoat attack blind SQL injection

This example using webgoat lab. You can download from: https://sourceforge.net/projects/owaspbwa/ Download tool Jhijack from: http://yehg.net/lab/pr0js/files.php/jhijackv0.2beta.zip Blind Numberic SQL injection Response analysis If( true) return : Account number …

By Cyclone May 17, 2016

Testing for HTTP Verb Tampering

Network Security

Summary The HTTP specification includes request other than the standard GET and POST request.A standards compliant web server may respond to these alternative methods in ways …

By Win Stark May 14, 2016

[Burp Suite] Using Burp Proxy

Network Security

Configuring your browser to work with Burp suite First , on Burp suite make sure your configuration like the picture below, further you can edit port …

By Win Stark May 6, 2016

All things in moderation

Monthly Archive: May 2016

Webgoat attack blind SQL injection

Testing for HTTP Verb Tampering

[Burp Suite] Using Burp Proxy

Alvasky JSC

Keep your data in secure