1. Basic SQL Commands 2. WHERE Clause & Logical Operators Logical Operators: Comparison Operators: Order of Precedence: 3. Comments Used to ignore the rest of a SQL line (important for injection): 4. Functions You’ll Use Often 5. UNION Operator Used to join two SELECT queries: Rules: 6. information_schema (Essential for Enumeration) Key Tables: 7. LIKE […]
SQL Syntax Cheat Sheet Read More »
Getting Started with OWASP Mutillidae II A beginner-friendly guide to one of the most powerful vulnerable web apps for practicing ethical hacking What Is OWASP Mutillidae II? OWASP Mutillidae II, also known as Matilda Day 2, is a deliberately vulnerable web application designed to help you practice: It’s written in PHP, runs on Apache, and
Understanding Apache, PHP, and WordPress A foundational breakdown of the tech stack behind the world’s most popular CMS Why WordPress Matters in Pentesting Over 40% of all websites on the internet run on WordPress. That makes it one of the most common targets you’ll see in the field — especially in client environments, small businesses,
Apache, PHP and WordPress Read More »
Understanding the LAMP Stack and How Web Servers Work Together From File to Function: A Beginner Pentester’s Guide to Hosting Web Apps When I first started experimenting with vulnerable web applications like OWASP Mutillidae II (Matilda Day 2), I didn’t just want to get it running — I wanted to understand what was happening under
SQL Injection Manual Cheat Sheet Basic SQL Injection Payloads Conditional Extraction (Boolean-Based Blind SQLi) Time-Based Blind SQLi UNION-Based SQL Injection Finding Number of Columns Extracting Data via UNION Login Bypass via SQLi Information Schema Discovery Extracting Data Blindly Out-of-Band SQLi Examples Bypass & Obfuscation Tricks Login Bypass (POST Form Fields) Final Advice
Understanding SQL Injection: Types and Real-World Examples for Pentesters SQL Injection (SQLi) is one of the most classic and dangerous web application vulnerabilities. As a pentester, understanding the different types of SQLi — and how to identify and exploit them — is critical. While many think SQLi is just about throwing ‘ OR 1=1–, there’s
Exfiltrating Credentials and Sensitive Data from Web Applications Getting inside the castle is one thing. Looting it without setting off alarms? That’s where real skill comes in. Once you’ve compromised a web application, the next step is clear: find and extract sensitive data—usernames, passwords, tokens, configuration files, database records, and anything else the devs forgot
Exploiting Vulnerable Web Components Modern web applications are often built on frameworks, libraries, plugins, and modules—many of which were written once and then forgotten. These outdated components are like termites in a house: invisible until they bring the whole thing down. In this post, we’ll look at how to identify and exploit these forgotten and
Exploitin Vuln Web Components Read More »
Brute-Force Attacks on Web Logins Brute-force attacks are the digital equivalent of kicking in the front door. It’s loud, sometimes messy, but when there’s no lockout policy or rate-limiting, it works. As pentesters, our job is to identify weak authentication mechanisms—and exploiting them with brute-force is often the first step toward initial access. What Is
Brute-Force On Web Logins Read More »
🔹 1. Query String Parameters (GET) Used in URLs, sent via the query string after a ?. Example: 🔹 2. Form Parameters (POST) Sent in the request body, often in login or contact forms. Example: 🔹 3. URL Path Parameters Some apps use REST-style URLs where the parameter is embedded in the path. Example: 🔹
