API Securing in 2021?—?Top 10 Best Practices

### API Securing in 2021? — Top 10 Best Practices I love drawing inspiration from real life and todays article is no different. I often get asked the question on how to hack an API but what some peop ...

Continue Reading
CVE-2021-21702

A NULL pointer dereference issue is in the SOAP extension of PHP. More specifically, the flaw occurs in the SoapClient when parsing a WSDL document due to improper checking of a child node name. A mal ...

Continue Reading
BigBountyRecon – This Tool Utilises 58 Different Techniques To Expediate The Process Of Intial Reconnaissance On The Target Organisation

[![](https://1.bp.blogspot.com/-1de0aBPNIWk/YAUWk6HkngI/AAAAAAAAVBA/s_ZSe7IlI7IkK-BtzxPMSmMHzAoV1_H6QCNcBGAsYHQ/w640-h396/BigBountyRecon_1.png)]() BigBountyRecon tool utilises 58 different techniques ...

Continue Reading
Exploit for Missing Authentication for Critical Function in Sap Netweaver Application Server Java

[CVE-2020-6287] SAP NetWeaver AS JAVA (LM Configuration Wizar...Read More ...

Continue Reading
SAP Unauthenticated WebService User Creation

This module leverages an unauthenticated web service to submit a job which will create a user with a specified role. The job involves running a wizard. After the necessary action is taken, the job is ...

Continue Reading
U.S. Dept Of Defense: SharePoint Web Services Exposed to Anonymous Access

Summary: Any unauthenticated/anonymous users are able to access the SharePoint Web Services (.wsdl files) for the ?????????? website. Description: The SharePoint installation for this particular site ...

Continue Reading
Improper Restriction of XML External Entity Reference in soa-model

Soa-model is a toolkit and Java API for WSDL, WADL and XML Schema. An XML External Entity (XXE) vulnerability exists in versions of soa-model prior to 1.6.4 in the WSDLParser function. This issue has ...

Continue Reading

Back to Main

Subscribe for the latest news: