BestHub
Sign in
Tag

Vulnerability Analysis

0 views collected around this technical thread.

Practical DevOps Architecture
Practical DevOps Architecture
Mar 14, 2024 · Information Security

Comprehensive Penetration Testing Course Outline

This article provides a detailed curriculum for a penetration testing training program, covering operating system basics, web services, database setup, Kali Linux installation, various hacking tools, common web vulnerabilities, SQL injection techniques, command execution, file upload and inclusion flaws, XSS, CSRF, SSRF, privilege escalation, and internal network exploitation.

Vulnerability Analysisethical hackinginformation security
0 likes · 10 min read
Comprehensive Penetration Testing Course Outline
Java Architect Essentials
Java Architect Essentials
Feb 21, 2024 · Information Security

Student Information Leakage via Unauthenticated API in a University System

The article details a security case where an unauthenticated university API allowed an attacker to enumerate and download thousands of students' personal data by manipulating pagination parameters after discovering default credentials from a leaked PDF.

API enumerationVulnerability Analysisdata leakage
0 likes · 7 min read
Student Information Leakage via Unauthenticated API in a University System
Bilibili Tech
Bilibili Tech
Apr 18, 2023 · Cloud Native

Kubernetes Audit Log Analysis for Container Security

The article explains how to enable Kubernetes audit logging and use its detailed fields—such as userAgent, responseStatus, requestURI, and object references—to detect CDK‑generated attacks and other threats like CVE‑2022‑3172, privilege escalation, and backdoor deployment, offering practical detection examples and security recommendations.

API ServerCDKContainer Security
0 likes · 15 min read
Kubernetes Audit Log Analysis for Container Security
Architects Research Society
Architects Research Society
Mar 30, 2017 · Information Security

Industrial Control System (ICS) Protocols and Security Overview

This article provides a comprehensive overview of industrial control system terminology, common SCADA‑related protocols such as Modbus, PROFIBUS, DNP3, OPC, BACnet, and Siemens S7, their security weaknesses, detection scripts, and vulnerability analysis resources.

Industrial ControlProtocol SecuritySCADA
0 likes · 9 min read
Industrial Control System (ICS) Protocols and Security Overview
Efficient Ops
Efficient Ops
Mar 12, 2017 · Information Security

Understanding the CVE-2017-5638 Struts2 RCE: Impact, Stats, and Fixes

The article examines the high‑risk CVE‑2017‑5638 vulnerability in Apache Struts2, detailing its remote code execution mechanism, global impact statistics across industries and regions, and provides comprehensive detection methods and three tiers of remediation solutions.

Apache StrutsCVE-2017-5638Remote Code Execution
0 likes · 6 min read
Understanding the CVE-2017-5638 Struts2 RCE: Impact, Stats, and Fixes