BestHub
Sign in
Tag

vulnerability assessment

0 views collected around this technical thread.

Top Architect
Top Architect
Jul 20, 2021 · Information Security

Auditing MyBatis SQL Injection Vulnerabilities: Common Pitfalls and Practical Steps

This article explains how to identify and exploit MyBatis‑based SQL injection vulnerabilities by examining XML and annotation mappings, covering common pitfalls such as fuzzy queries, IN clauses, and ORDER BY, and provides a step‑by‑step practical analysis using a real open‑source CMS project.

JavaMyBatisSQL injection
0 likes · 7 min read
Auditing MyBatis SQL Injection Vulnerabilities: Common Pitfalls and Practical Steps
Python Programming Learning Circle
Python Programming Learning Circle
Jun 26, 2021 · Information Security

Security Analysis and Exploitation of a QQ Phishing Website

The article documents a step‑by‑step security investigation of a QQ phishing site, detailing its fake login page, POST endpoint, Python‑based credential flooding, network reconnaissance, port scanning, vulnerability scanning, and discovery of the backend control panel, while discussing the challenges of XSS and brute‑force attacks.

PythonWeb Securityinformation security
0 likes · 7 min read
Security Analysis and Exploitation of a QQ Phishing Website
Fulu Network R&D Team
Fulu Network R&D Team
Aug 26, 2020 · Information Security

Establishing a Comprehensive Security Testing Process

This article explains the importance of security testing, outlines where to start, and details a step‑by‑step security testing workflow covering requirement analysis, static code scanning, third‑party component checks, data masking, permission checks, XSS, SQL injection, privilege escalation, file upload/download, server port scanning, and business‑specific test cases.

Security Testinginformation securityrisk management
0 likes · 9 min read
Establishing a Comprehensive Security Testing Process
360 Quality & Efficiency
360 Quality & Efficiency
May 9, 2016 · Information Security

Comprehensive Guide to Security Testing: Methods, Tools, and Best Practices

This article provides an in‑depth overview of security testing, covering its definition, lifecycle, test types, a wide range of scanning and injection tools, practical checklists, evaluation metrics, and recommendations for integrating security assessments throughout the software development process.

Network SecuritySecurity Testinginformation security
0 likes · 20 min read
Comprehensive Guide to Security Testing: Methods, Tools, and Best Practices