by TCMS Staff | Jan 4, 2024 | Penetration Testing, Web Applications
Overview Despite its popularity as an SQL injection example, we argue that “OR 1=1” presents more risks than rewards. It may work for login bypasses occasionally, but its reliability is questionable, and better alternatives exist. We explore the drawbacks,...
by TCMS Staff | Dec 14, 2023 | Web Applications
Overview In this blog post series, we’ll guide you through the process of creating Burp extensions. First, we will set up your development environment. Then, we will create a basic extension to add a custom feature to Burp Suite. Over the course of the series,...
by Alex Olsen | Dec 7, 2023 | Web Applications
Overview The demand for skilled web application penetration testers is ever-increasing, and we are proud to introduce the Practical Web Pentest Associate (PWPA) certification. This certification is designed to validate the skills of aspiring web application...
by Alex Olsen | Nov 30, 2023 | Programming, Web Applications
Overview JSON permeates virtually every corner of the digital landscape today. It powers web APIs, configures files, fuels mobile apps, and anchors data storage. To maintain seamless day-to-day hacking, it’s crucial to wield a robust understanding of JSON....
by Alex Olsen | Nov 9, 2023 | Web Applications
Introduction Fed up with being slowed down by simple checks and functionality? Even seemingly simple CSRF tokens can get in the way of a straightforward brute-force attack! Enter Burp Suite Macros, an indispensable tool that can be used to efficiently handle these...
by Alex Olsen | Oct 4, 2023 | Security, Web Applications
Overview NoSQL databases, a term that stands for “Not Only SQL,” represent a shift from traditional relational databases. Unlike their SQL-based counterparts that rely heavily on tables and fixed schemas, NoSQL databases provide flexible storage...