MOST POPULAR VIDEOS
LATEST BLOG POSTS
Lots of pen test and red team blogs follow the same model: we came, we saw, we conquered, blue team tears flowed. This is not one of those blogs. TL/DR; Pen testing isn't about finding vulnerabilities. It's about finding opportunities for your client to improve, even...
Did you know you can use DNS queries to exfiltrate data from a database via SQLi? No? Then continue reading! I'll walk through some techniques you can use to enumerate and exfiltrate data from a DB server via blind SQLi. On a recent web app test, I encountered a...
Mike Saunders will be presenting "Web App 101: Lay of the Land" at DerbyCon 8, Saturday, October 6 at 12:00 PM, in Track 2 (upstairs). Mike draws on his experience in app testing to help you build an effective process for testing web applications, including how to...
MOST POPULAR SLIDES
GET THE LATEST
Sign up for the latest resources from Red Siege.