A. BoukarWhat is DLL Hijacking and How to Prevent it?In this article, we will explore DLL Hijacking, and how attackers use it for privilege escalation in Windows. We will also explore how to…Oct 3, 2023Oct 3, 2023
A. BoukarinInfoSec Write-upsCreate Bind and Reverse Shells using NetcatNetcat (nc, ncat, or the swiss army knife of networking, as some might prefer to call it) is a command-line utility that every…Apr 18, 2022Apr 18, 2022
A. BoukarinInfoSec Write-upsServer-Side Request Forgery (SSRF) ExplainedServer-Side Request Forgery (or SSRF) is an attack that consists of inducing a web application to send back-end requests to an unintended…Apr 8, 20221Apr 8, 20221
A. BoukarinInfoSec Write-upsHost Header Injection AttacksHost Header injection is not the type of attack that you would normally find in CTFs or security challenges. However, it is widespread in…Feb 5, 20221Feb 5, 20221
A. BoukarHTTP Request Smuggling ExplainedHTTP Request Smuggling ( HRS) is a type of attack that is gaining more and more attention in recent years. Its rise is fueled by the high…Dec 31, 20211Dec 31, 20211
A. BoukarinInfoSec Write-upsXXE Attacks ExplainedOut of the many attacks that threaten web applications today, XXE remains the one that is talked about the least. Although it gets far less…Dec 12, 2021Dec 12, 2021
A. BoukarCSRF (Cross-Site Request Forgery) ExplainedCross- Site Request Forgery (CSRF or XSRF), also called Client-Side Request Forgery, is a type of attack that targets web applications. It…Nov 28, 2021Nov 28, 2021
A. BoukarinCodeXA Quick Guide To Regular ExpressionsRegular expressions are present in almost all programming languages (Python, PHP, Javascript…), as well as in Linux commands (grep, sed…)…Sep 26, 2021Sep 26, 2021
A. BoukarinGeek CultureIntroduction to Cross-Site Scripting (XSS)This article presents a great introduction for anyone trying to learn about Cross-Site Scripting (or XSS). You don’t need to be an expert…Aug 13, 2021Aug 13, 2021
A. BoukarinCodeXUsing THC Hydra To Brute Force Login FormsTHC Hydra is a powerful tool to use against login forms. It can perform brute force and dictionary attacks against different types of…Aug 6, 2021Aug 6, 2021