Web App Hacking
Building and Extending a PHP Web Shell
Apr 27 Web App Hacking

A **web shell** is a script that enables an attacker to gain remote control over a web server. It is especially useful for **post-exploitation tasks**, allowing an attacker to execute arbitrary....

Error based SQL Injection
Apr 26 Web App Hacking

In the previous example, we saw how a classic [SQL Injection Login Bypass](https://hacksland.net/sql-injection-login-bypass) works. SQL Injection is not all about that. The real fun is we can extract....

Out of Band SQL Injection
Apr 26 Web App Hacking

Normally in SQL Injection, the attacker sees direct errors, or infers information through page behavior or timing. But Out-of-Band SQL Injection is different: OOB SQLi relies on making....

Time based Blind SQL Injection
Apr 26 Web App Hacking

Blind SQL Injection happens when there is a SQL injection vulnerability, but the application does not show any SQL errors or query outputs directly. In this case, an attacker has to ask....

Boolean based Blind SQL Injection
Apr 26 Web App Hacking

Blind SQL Injection happens when there is a SQL injection vulnerability, but the application does not show any SQL errors or query outputs directly. In this case, an attacker has to ask....

SQL injection login bypass
Apr 26 Web App Hacking

SQL Injection (SQLi) is one of the oldest and most fundamental web application vulnerabilities. While it’s becoming rarer in modern web apps due to better coding practices and frameworks,....

Common Web Application Attacks
Apr 26 Web App Hacking

Web applications are among the surfaces most targeted by attackers. This is primarily because they are accessible over the internet, making them exposed and potentially vulnerable. Since these....

How stack works in function call
Mar 23 Web App Hacking

The Stack in Computer Science: The stack is an important concept in computer science. If you are planning to learn reverse engineering, malware analysis, exploitation, etc., this concept is a....

Reverse TCP shell with Metasploit
Mar 23 Web App Hacking

Metasploit is an awesome tool. It can automate the exploitation process, generate shellcode, act as a listener, etc. I hope to start a tutorial series on the Metasploit framework and its....

Build A Simple Web shell
Mar 23 Web App Hacking

A web shell is a type of code that hackers use to gain control over a web server. It is particularly useful for post-exploitation attacks, and there are various types of web shells available. Some of....

OWASP Top 10 explained - 2021
Mar 03 Web App Hacking

The Open Worldwide Application Security Project (OWASP) is a nonprofit foundation focused on improving the security of software. It provides free, vendor-neutral tools, resources, and standards that....

Common Web Application Technologies
Feb 11 Web App Hacking

JWT - JSON Web Tokens: JWT is short for JSON Web Token. It is a compact and secure way to send information between two parties – like a client (browser) and a server. We usually use JWTs....

Remote Command Execution
Mar 23 Web App Hacking

Remote Command Execution (RCE) is a critical security vulnerability that allows an attacker to execute arbitrary commands on a remote server. This vulnerability can lead to unauthorized access, data....