HackCert

// field_notes

The Hackcert Blog

389 field-grade guides on offensive ops, blue-team detection, cloud security, AI red-teaming and more — written for engineers who ship.

Showing posts for tag: Web Application Security
Second Order Injection: Hacking Web Applications by Storing Malicious Payloads in Databases
Advanced 8 min read

Discover the mechanics of Second Order SQL Injection, an advanced attack technique where malicious payloads are stored harmlessly and executed later.

Rokibul Islam · Web Application Security · SQL Injection · Advanced
SSRF Exploitation: Internal Network Scanning via Server-Side Request Forgery
Advanced 12 min read

A deep dive into Server-Side Request Forgery (SSRF), demonstrating how attackers weaponize web applications to scan and exploit internal networks.

Rokibul Islam · Web Application Security · Cybersecurity · Advanced
SSTI Exploitation: Remote Code Execution via Server-Side Template Injection
Advanced 11 min read

Discover the critical risks of Server-Side Template Injection (SSTI) and learn how attackers exploit template engines to achieve Remote Code Execution.

Rokibul Islam · Web Application Security · Cybersecurity · Advanced
Intro to Web Application Security Basics
Beginner 9 min read

Learn the fundamentals of web application security, the OWASP Top 10, common attack patterns, and defenses every developer and beginner should know.

Imran Khalid Mirza · Web Application Security · AppSec · OWASP