Web Security

08Nov 2016

In the recent weeks, the entire security community has been shocked by two serious security vulnerability affecting all Joomla versions from 3.4.4 to 3.6.3: CVE-2016-8870 and CVE-2016-8869. Combining these vulnerabilities, an attacker can create a privileged user and potentially own the server hosting the Joomla webiste. In this episode, Gianni shows how to attack a Joomla […]

29Sep 2016

Metasploitable is a vulnerable VM created to practice common penetration testing techniques. In this episode of #HackOnTuesday, Gianni shows how to discover hidden directories and files on a webserver, how to exploit an information disclosure in TikiWiki 1.9.5 and get critical information about the database, how to find misconfigurations in the system, and last but not […]