Hello cyberman!This article subject LDAP and hacking with LDAP. First of all, we need to know what LDAP is. The definition LDAP in Wikipeadia: The LDAP (The Lightweight Directory Access Protocol) is an open, vendor-neutral, industry standard application protocol for accessing and maintaining distributed directory information services over an Internet Protocol (IP) network. Directory services […]

Read More

Hello Cyberman!How are u? I hope you fine.This article subject ssrf another back-end system attack method.What is SSRF if you don’t know, read this post. For click read article. Now, We are this attack method maintain with different example. This method name: Another back-end system. If you say how does this work, I telling. Above […]

Read More

Hello Cyberman! This article subject Javascript and its blockeds. Firstly, we need know what is Javascript. What Is The JavaScript? Javascript is a programming language. This technology working in web browsers based. But today, it appeals to many different areas. For example: Desktop App Mobile App Game WEB App or design However, our topic will […]

Read More

  Hello Cyberman, This article subject XML/XPath Injection vulnerability on web app.  What Is The XPath Vulnerability? First, we need learning to XML. It is possible to summarize with a quote from Wikipedia below. XML; Extensible Markup Language (XML) is a markup language and file format for storing, transmitting, and reconstructing arbitrary data.  Yes, as […]

Read More

Hello Cyberman! This article subject os command injection on web app. With this vulnerability, the attacker can run any operating system command in areas allowed by the system. The operating system does not matter. For example: If there is this vulnerability, when the attacker enters a command (like whoami) on the system, he/she will see […]

Read More

Hello Cyberman, The content of this article will be on changing password with csrf. It’s a pretty dangerous vulnerability. It is very common nowadays. First of all, they will be used for this type of vulnerability: Burp Suite To demonstrate this web vulnerability, I will show it on the vulnerable website called DVWA. If you […]

Read More