Differences SOAP vs REST: Comparison of protocols and their security

SOAP and REST are two of the most used terms in the API development sector. If you don’t have thorough knowledge of the two, you may wonder: * Why should a developer choose and ditch others? * C ...

Continue Reading
API Securing in 2021β€Šβ€”β€ŠTop 10 Best Practices

### API Securing in 2021πŸ“‹ β€” Top 10 Best Practices I love drawing inspiration from real life and todays article is no different. I often get asked the question on how to hack an API but what some ...

Continue Reading
CVE-2021-21702

A NULL pointer dereference issue is in the SOAP extension of PHP. More specifically, the flaw occurs in the SoapClient when parsing a WSDL document due to improper checking of a child node name. A mal ...

Continue Reading
BigBountyRecon – This Tool Utilises 58 Different Techniques To Expediate The Process Of Intial Reconnaissance On The Target Organisation

[![](https://1.bp.blogspot.com/-1de0aBPNIWk/YAUWk6HkngI/AAAAAAAAVBA/s_ZSe7IlI7IkK-BtzxPMSmMHzAoV1_H6QCNcBGAsYHQ/w640-h396/BigBountyRecon_1.png)]() BigBountyRecon tool utilises 58 different techniques ...

Continue Reading
Exploit for Missing Authentication for Critical Function in Sap Netweaver Application Server Java

[CVE-2020-6287] SAP NetWeaver AS JAVA (LM Configuration Wizar...Read More ...

Continue Reading
SAP Unauthenticated WebService User Creation

This module leverages an unauthenticated web service to submit a job which will create a user with a specified role. The job involves running a wizard. After the necessary action is taken, the job is ...

Continue Reading
U.S. Dept Of Defense: SharePoint Web Services Exposed to Anonymous Access

Summary: Any unauthenticated/anonymous users are able to access the SharePoint Web Services (.wsdl files) for the β–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆβ–ˆ website. Description: The SharePoint installation for t ...

Continue Reading
Kentico CMS 12.0.14 Remote Command Execution Exploit

This Metasploit module exploits a vulnerability in the Kentico CMS platform versions 12.0.14 and earlier. Remote command execution is possible via unauthenticated XML requests to the Staging Service S ...

Continue Reading

Back to Main

Subscribe for the latest news: