DefendEdge’s Post

Alysha from our team resumed her study on web vulnerabilities and this time, she picked Template Injection. Please take a look at her first series on this topic at our blog! https://lnkd.in/g3sgaXCt #rehackxyz #pentest #bugbounty #templateinjection #ssti

As I published CVE-2024-27930 and CVE-2024-27937, I realised that someone managed to find an SQL injection in the same version. I had to admit, I missed it ... 😞 Let's dive into a really interesting vulnerability, abusing PHP < 8.x loose comparison to perform an uncommon SQL injection in the ORDER BY clause. More details: https://lnkd.in/eYBhEizQ N.B: I take no credit for this vulnerability, I did not discover it by myself. These are just a few thoughts about a flaw for which I tried to develop an exploit, until I realised that the details were already published. **Sigh**(https://lnkd.in/eqWcwASi)

Kali Linux Tools: Socid-Extractor : Extract Accounts Info From Personal Pages On Various Sites For OSINT Purpose Tool Details: https://lnkd.in/gNNSY-Ab Socid-Extractor Extracts information about a user from profile webpages / API responses and save it in machine-readable format. #cybersecurity #informationsecurity #kalilinux #kalilinuxtools 

Kali Linux Tools: Instaloctrack : An Instagram OSINT Tool To Collect All The Geotagged Locations Tool Details: https://lnkd.in/gCd3_2Dd Instaloctrack, a tool to scrape geotagged locations on Instagram profiles. Output in JSON & interactive map. #cybersecurity #informationsecurity #kalilinux #kalilinuxtools #Instaloctrack

I use .env files in many projects. If your looking for security, here is an encrypted version