Essential Cybersecurity Interview Questions and Technical Solutions

Penetration Testing Methodology Standard Penetration Testing Process Initial project preparation and scope definition Information gathering: WHOIS lookup, source IP identification, virtual host detection, C segment scanning, server system version, container version, application version, database type, subdomain enumeration, firewall identifica ...

Posted on Sun, 17 May 2026 22:03:57 +0000 by offnordberg

SQL Injection Concepts and Prevention Techniques

Understanding SQL Injection SQL injection is a prevalent form of cyber attack that exploits vulnerabilities in database query construction. It typically occurs when user input is directly concatenated into SQL queries without proper validation or sanitization, allowing attackers to manipulate SQL logic or execute arbitrary commands. Example of SQ ...

Posted on Fri, 15 May 2026 13:00:35 +0000 by Asperon

Web Penetration Testing Techniques and Exploits

File Inclusion and Upload Vulnerabilities File inclusion vulnerabilities occur when a web application dynamically includes files based on user input without proper validation, allowing attackers to include malicious files. Modern server-side languages like PHP (since version 5.2.0) often disable remote file inclusion by default, making Local Fi ...

Posted on Sun, 10 May 2026 12:39:31 +0000 by dark dude

RCTF 2015 EasySQL: Exploiting Error-Based Injection via User Registration

The login form itself remains unresponsive to basic authentication attempts. After registering an arbitrary account and signing in, the application redirects to a path containing a title parameter and exposes a password-change feature. Attempting to inject inside the password-reset interface produces no discernible output, indicating the vulner ...

Posted on Sun, 10 May 2026 10:30:11 +0000 by MeOnTheW3

Bypassing SQL Injection Defenses with Character Encoding Techniques in MySQL

Character encoding represents the fundamental mechanism for translating characters into byte sequences within computing environments. Different databases and systems may utilize varying encoding schemes such as UTF-8, ISO-8859-1 (Latin-1), and GBK. When exploiting SQL injection vulnerabilities, attackers can leverage these encoding differences ...

Posted on Sat, 09 May 2026 23:18:25 +0000 by anon

Python Database Interaction, SQL Injection Prevention, and Advanced MySQL Features

Interacting with MySQL using Python MySQL utilizes a client-server architecture. While it provides its own client (mysql.exe), Python applications can act as clients to interact with the MySQL server using libraries like pymysql. Workflow: Establish a connection (host, port, credentials, database, charset). Construct SQL statements within Pyth ...

Posted on Fri, 08 May 2026 17:47:42 +0000 by prismstone