New Horizons New Horizons Project Management Academy Project Management Academy Six Sigma Online Six Sigma Online TCM Security TCM Security TRACOM TRACOM Velopi Velopi Watermark Learning Watermark Learning
Contact Sales Contact Support
Educate 360
New Horizons New Horizons Project Management Academy Project Management Academy Six Sigma Online Six Sigma Online TCM Security TCM Security TRACOM TRACOM Velopi Velopi Watermark Learning Watermark Learning
Contact Sales Contact Support
Educate 360
New Horizons New Horizons Project Management Academy Project Management Academy Six Sigma Online Six Sigma Online TCM Security TCM Security TRACOM TRACOM Velopi Velopi Watermark Learning Watermark Learning
Contact Sales Contact Support LMS Login Login
TCM-Sec-Primary-Logo
Get a Free Consultation
Get Started with NoSQL Injection (NoSQLi)

Get Started with NoSQL Injection (NoSQLi)

Overview NoSQL databases, a term that stands for “Not Only SQL,” represent a shift from traditional relational databases. Unlike their SQL-based counterparts that rely heavily on tables and fixed schemas, NoSQL databases provide flexible storage...
Docker for Web App Pentesters

Docker for Web App Pentesters

Overview Having a flexible and isolated environment doesn’t just save us time, it can also be crucial for testing. Whether you’re deploying a real-world application stack for research, testing exploits, or setting up vulnerable apps for practice, you need a...
Unearthing Secrets in Git Logs

Unearthing Secrets in Git Logs

Overview Version control systems, such as Git, are essential tools in software development, enabling seamless collaboration and change tracking. However, their widespread use can sometimes lead to unintended security oversights. While Git excels in managing code...
Find and Exploit Server-Side Template Injection (SSTI)

Find and Exploit Server-Side Template Injection (SSTI)

Server-Side Template Injection (SSTI) is an attack that allows an attacker to inject malicious input into a templating engine, leading to code execution on the server. While this vulnerability can be quite impactful, understanding and exploiting it requires a good...
Find and Exploit Blind SSRF with Out-of-Band (OOB) Techniques

Find and Exploit Blind SSRF with Out-of-Band (OOB) Techniques

Server-Side Request Forgery (SSRF) is a vulnerability that let’s an attacker have a server make requests on their behalf. Typically this can allow the attacker to reach internal resources that would otherwise be unavailable. Whilst the typical SSRF is dangerous...
Understanding and Hacking GraphQL: Part 1

Understanding and Hacking GraphQL: Part 1

GraphQL, a query language for your API and a server-side runtime for executing those queries, is rapidly becoming a prevalent technology in modern web applications. This technology, developed by Facebook in 2012 and released as an open-source project in 2015, provides...