Skip to main content

September 17, 2015

The Legendary Command Injection via Password

When you work with a talented team of penetration testers, after a while only the most noteworthy vulnerabilities stand out in the collective memory o...

See Details

December 23, 2013

Using Burp Suite to Test Web Services with WS-Security

During a recent engagement we ran into a web service endpoint that was using WS-Security for authentication, specifically it was using the “Username T...

See Details