Simple OS Command Injection

Below is an example of simple OS command injection. OS command injection is a vulnerability where we can inject an Operating System command into the URL or code of a web page and have it execute on the server. This is a critical flaw and can be used to run commands on the webserver underlying […]

Cool ASCII Symbols

Unique ASCII symbols that might have some value.   ㊀ ㊁ ㊂ ㊃ ㊄ ㊅ ㊆ ㊇ ㊈ ㊉ ㊊ ㊋ ㊌ ㊍ ㊎ ㊏ ㊐ ㊑ ㊒ ㊓ ㊔ ㊕ ㊖ ㊗ ㊘ ㊙ ㊚ ㊛ ㊜ ㊝ ㊞ ㊟ ㊠ ㊡ ㊢ ㊣ ㊤ ㊥ ㊦ ㊧ ㊨ ㊩ ㊪ ㊫ ㊬ ㊭ […]

Enumerating Sub-Domains of a Website

Although there are many tools out there that do a great job of enumerating sub-domains, I feel the one that does the best is www.netcraft.com.  It is also very good at fingerprinting a web server as well. Netcraft provides research data and analysis among many of its services.  When you enter a website into Netcraft’s search bar, […]

Knoxss.me XSS Vulnerability Scanner

I’ve been using the professional version of knoxss.me XSS scanner for a little while now and I feel its probably the best XSS scanner out there that I have seen.  I was able to find a vulnerable site on my first day of using it. knoxss.me was written by Brute Logic I would also recommend […]

RSnake’s XSS Cheat Sheet

Below is a mirror of RSnake’s original XSS Cheatsheet and Character Encoding Calculator https://www.in-secure.org/misc/xss/xss.html

Google Hacking Manual – TheV0iD

# Google Hacking Manual  # Author: TheV0iD  # Date: 2014.06.11  —————————  What are Dorks?  —————————-   Using dorks is not hard, it’s pretty easy if you know what you are doing and also it’s a cool way to step in the hacking world.    Dorks are keywords that if used on search-engines can return some specific […]