Find and Exploit Blind SSRF with Out-of-Band (OOB) Techniques
Server-Side Request Forgery (SSRF) is a vulnerability that lets an attacker have a server make requests on their behalf. Typically this can allow the attacker to reach internal resources that would otherwise be unavailable. Whilst the typical SSRF is dangerous...
XPath Injection: A Beginners Guide
XPath Injection, akin to other common injection attacks, specifically targets vulnerabilities within an application’s user input processing system. But what sets XPath Injection apart is its exploitation of XPath queries. The fallout? Unauthorized...
Understanding, Detecting, and Exploiting SSRF
The rapidly evolving world of cybersecurity brings with it an ever-expanding catalogue of threats. One such vulnerability, which has been gaining traction recently in the API space, is Server-Side Request Forgery (SSRF). Though it’s not a new concept, SSRF has...
Start your Journey with Bug Bounty
Bug bounty programs have been a popular phenomenon in the tech industry for the last decade or so. They’re an opportunity for anyone to identify vulnerabilities in a company’s software or infrastructure and get rewarded for their discoveries. But, how do...
