Microsoft Exchange ProxyLogon RCE

This module exploit a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication, impersonating as the admin (CVE-2021-26855) and write arbitrary file (CVE-2021-27 ...

Continue Reading
Onion Omega2 Login Brute-Force

OnionOS login scanner module for Onion Omega2 devices.Read More ...

Continue Reading
Deserialization of Untrusted Data in Apache Dubbo

Apache Dubbo prior to 2.6.9 and 2.7.10 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter which will find the ser ...

Continue Reading
What is JSON-RPC ❓ Definition, Work, Comparison

Just like everything else, the world of API protocols is evolving. Typical [SOAP]() and REST APIs have many companies like GraphQL, gRPC, and Thrift. JSON-RPC is also on the list. Created to develop f ...

Continue Reading
API Security Tutorial

**Historial API Evolution** As per the documented history, the occurrence of web APIs transpired towards the end of 1990 with the launch of Salesforce’s sales automation solution. At that point in t ...

Continue Reading
API security — Wiki: What is ❓ Why ❓ For PenTest & Best Practice

### API security — Wiki: What is ❓ Why ❓ For PenTest & Best Practice **What does api mean?** For beginners, API refers to the Application Programming Interface designed for effortless commun ...

Continue Reading
What is JSON-RPC ❓ Definition, Work, Comparison

Just like everything else, the world of API protocols is evolving. Typical [SOAP]() and REST APIs have many companies like GraphQL, gRPC, and Thrift. JSON-RPC is also on the list. Created to develop f ...

Continue Reading
API Security Tutorial

**Historial API Evolution** As per the documented history, the occurrence of web APIs transpired towards the end of 1990 with the launch of Salesforce’s sales automation solution. At that point in t ...

Continue Reading

Back to Main

Subscribe for the latest news: