Vulnerability in Metasploit Project aka CVE-2017-5244

 

Hi Guys,
I hope you all are fine and doing well. Yes you read it right, We managed to find a vulnerability in a framework used to exploit vulnerabilities! “Today is me tomorrow will be you” 🙂

Today we will talk about a CSRF vulnerability affects the web application of both versions (Express, Community and Professional) of Metasploit Project.

But first what is Metasploit? (Seriously maybe somebody out there don’t know about it yet :D)

Continue reading “Vulnerability in Metasploit Project aka CVE-2017-5244”

Share

WhatsApp Clickjacking Vulnerability – Yet another web client failure!

s

Hi Folks,
I know it’s a little bit lame to mention 2 clickjacking vulnerabilities in row but that what bug hunters always do exposing the largest companies security failures, (Previously was Telegram) this time is the gigantic well-known 19 billion dollar messenger WhatsApp.

Continue reading “WhatsApp Clickjacking Vulnerability – Yet another web client failure!”

Share

Official Telegram Web Client ClickJacking Vulnerability – When crypto is strong and client is weak

Telegram-Banner

 

[*] Introduction:

Modern Web Applications nowadays are relaying on a lot of technologies where typical web applications vulnerabilities are hard to find (eg. Clickjacking is an ABC security bug) but bug hunters are always the best!

Continue reading “Official Telegram Web Client ClickJacking Vulnerability – When crypto is strong and client is weak”

Share

Web Application Security on Fire – PHP Developers Cheat Sheet version

Web Application Security on Fire – PHP Developers Cheat Sheet version


Hey!
Building a website? Or already built a one? Think twice before going public and let us protect your business!

Share