Request smuggling and HTTP/2 downgrading: exploit walkthrough
Application Security
Detailed overview and real-world exploit of request smuggling vulnerability from HTTP/2 downgrading.
Can traditional pen testing keep up with modern AppSec?...
Application Security
A pen tester’s perspective on the most common issues with vulnerability scanning and traditional pen testing of modern web apps.
Broken access control vulnerabilities and why scanners can’t detect...
Application Security
Examples of broken access control vulnerabilities and why they remain present even after vulnerability scans and assessments.
Using HTTP request smuggling to hijack a user’s session...
Application Security
In this blog, one of our Application Security Auditors takes a look at the new HTTP request vulnerability, gives a...
Penetration testing vs vulnerability scanning: What’s the difference?
Application Security
Vulnerability scanning and penetration testing should be an essential part of your cybersecurity strategy. This blog discusses the above methods...