Websec Cybersecurity Blog
Expert insights, trends, research findings, and best practices from our security team to help you strengthen your organization's security posture.
Featured Article
Our most important cybersecurity insight
A Comparison Between the Real User ID and the Effective User ID is not Enough to Prevent Privilege Escalation
In Unix-like systems, each process has a real user ID and an effective user ID that determine its access permissions. The two are usually identical, but they can differ, for example when the setuid bit is set on an executable.
Three Non Web-based XSS Injections
In this post, guest blogger Alejandro Hernandez (nitr0us) writes about some interesting and fun XSS vectors that are not commonly seen.
Solutions for challenge 2B
A detailed explanation of the SQL Injection challenge 2B and the many solutions used to solve this challenge.
Solutions for challenge 2A
A detailed explanation of the SQL Injection challenge 2A and the many solutions used to solve this challenge.
A series of SQL Injection challenges
I want to introduce three SQL Injection challenges which were created for a CTF, but have yet to be solved... Could you be the first?
Using Burp to exploit a Blind SQL Injection
How to use Burp Suite to automate the process of extracting information from a SQL database through a Blind SQL Injection.