Unlocking the power of WhiteRabbitNeo AI Security Model with Ollama

Setting up local security assistants with the help of the Ollama + WhiteRabbitNeo AI model for efficient security operations.

How to Install and Configure Shield Security: Step-by-step guide

This step-by-step guide on how to install and configure the Shield Security plugin will enable the standard recommended security settings for your WordPress website quickly and keep it safe from potential threats.

Security Threats of Nulled WordPress Plugins and Themes: Uncovering the Hidden Dangers

Discover the security threats behind seemingly harmless, nulled WordPress plugins and themes. Learn about hidden dangers that can compromise your website's security and steps to secure your site.

Enhancing the Security of WordPress Sites: Best Practices and Tips

Discover the essential tips and best practices for enhancing the Security of WordPress Sites. Owners can analyze security risks, install recommended plugins, monitor continuously, and tweak configurations, which can help keep your sites safe from potential threats.

How to Install Wordfence: Step-by-step guide

This step-by-step guide on how to install the Wordfence plugin will enable the standard recommended security settings for your WordPress website quickly and keep it safe from potential threats.

AI-Powered Security Assistant with Ollama and Mistral - Locally

By setting up locally, revolutionize your security automation with the help of AI-powered assistants, Ollama + Mistral. Enhancing safety through through technology.

WordPress Scan for Vulnerabilities: A Comprehensive Guide for Site Security

WordPress scan for vulnerabilities article will guide you with step-by-step approaches and examples that can be implemented on your website to scan and identify vulnerabilities. Also, additional information about security measures, tools, and plugins is available.

Bug Bounty vs Pentest: Making an Informed Decision on Security Testing

Both bug bounty and pentest play crucial roles in identifying and addressing security vulnerabilities, but they differ in their approaches. Understanding these differences helps you choose which type of security testing best suits for organizations or hackers who want to get into security testing.

About Information Security Awareness & Education

In today's digital world, cyberattacks are more prevalent than ever, with the number of victims growing exponentially. Attackers are consistently finding new and creative ways to lure victims into traps. Sometimes, even for security professionals, it is becoming more difficult to differentiate between genuine and fake content with

Challenge 14: XSS bypass blacklisted JS function

This article goes into depth discussing an alternative JavaScript function, namely "confirm()". It serves as an alternative for the JavaScript "alert()" function when the latter is unavailable.

Challenge 13: XSS in HTML Anchor Tag

Check out how a security risk can arise from an improperly configured dynamic link generation tag and which can result in XSS exploitation.

Challenge 12: XSS CSP bypass through remote payload

Learn how to bypass a misconfigured CSP policy and how it can lead to the successful exploitation of cross-site scripting vulnerability.

XSS Explained with Kurukshetra

Challenge 11: XSS CSP bypass through an inline script

Learn how a misconfigured CSP can be bypassed, potentially leading to the successful exploitation of cross-site scripting vulnerability.

XSS Explained with Kurukshetra

Challenge 10: XSS bypass backslash escape

Check out how the XSS can be exploited in the HTML <div> tags and learn more about <img> tag-based XSS payload.

XSS Explained with Kurukshetra

Challenge 9: XSS in the hidden input field

Check out how the XSS can also be exploited in hidden input parameter fields with examples.

XSS Explained with Kurukshetra

Challenge 8: XSS bypass improper output encoding

Learn how the partially implemented HTML output encoding can be bypassed for exploiting XSS vulnerability using the HTML5 attributes

XSS Explained with Kurukshetra

Challenge 7: XSS in a dropdown list

Learn how the XSS vulnerability can be found in other params even though it is not editable by the browser using the BurpSuite Proxy tool

XSS Explained with Kurukshetra

Challenge 6: XSS Bypass Client-Side Blacklist Validation

Learn why client-side validation cannot be trusted all the time and how it can be tampered with by using BurpSuite as a proxy for exploiting XSS

XSS Explained with Kurukshetra

Challenge 5: XSS bypass Client-Side Length Limit

Learn why client-side validation cannot be trusted all the time and how it can be tampered with by browser debugging tools for exploiting XSS

XSS Explained with Kurukshetra

Challenge 4: XSS using HTML attribute

Learn how the XSS payload can be crafted using HTML5 event attributes rather than using the classic <script> tag

XSS Explained with Kurukshetra

Challenge 3: XSS bypass Blacklist HTML tags

Using the XSS fundamentals learned will look at how poorly implemented input validations can be bypassed with a custom-crafted xss payload.

XSS Explained with Kurukshetra

Challenge 2: Reflected cross-site scripting attack

You will learn about a reflected XSS and how it differs from the stored XSS. Also, I will walk you through exploiting reflected XSS.

XSS Explained with Kurukshetra

Challenge 1: Stored cross-site scripting attack

You will learn about what cross-site scripting vulnerability is, the types of cross-site scripting vulnerabilities, and how to identify a stored XSS vulnerability.

XSS Explained with Kurukshetra

XSS Explained: Learn cross-site scripting with examples

Kurukshetra is an intentionally designed XSS-vulnerable application. XSS is explained with examples, and it's an open-source lab for practicing and learning cross-site scripting vulnerabilities.