User's Ip Search Results

How To: Leverage a Directory Traversal Vulnerability into Code Execution

Directory traversal, or path traversal, is an HTTP attack which allows attackers to access restricted directories by using the ../ characters to backtrack into files or directories outside the root folder. If a web app is vulnerable to this, an attacker can potentially access restricted files that contain info about all registered users on the system, their permissions, and encrypted passwords.

How To: Generate a Clickjacking Attack with Burp Suite to Steal User Clicks

Users are often the weakest link when probing for vulnerabilities, and it's no surprise they can be easily fooled. One way to do this is called clickjacking. This type of attack tricks the victim into clicking something they didn't mean to click, something under the attacker's control. Burp Suite contains a useful tool called Clickbandit to generate a clickjacking attack automatically.

How To: Manipulate User Credentials with a CSRF Attack

Web 2.0 technology has provided a convenient way to post videos online, keep up with old friends on social media, and even bank from the comfort of your web browser. But when applications are poorly designed or incorrectly configured, certain flaws can be exploited. One such flaw, known as CSRF, allows an attacker to use a legitimate user's session to execute unauthorized requests to the server.

How To: Go Incognito on Instagram by Turning Off Your Green Dot Activity Status

While it might be more common to chat with friends on apps like Twitter, Messenger, or WhatsApp, direct messages on Instagram are becoming more and more sophisticated. Case in point, the app is rolling out a new feature to users that shows a "green dot" next to friends who are online. Luckily, you don't have to let your followers know when you're browsing photos if you don't want to.

How To: Quickly Look Up the Valid Subdomains for Any Website

Traditional subdomain enumeration techniques create a lot of noise on the target server and may alert intrusion detection systems to an attacker's intentions. For a stealthier approach, there's a tool with the capability of finding hundreds of subdomains related to the target website without alarming the server administrators.

Instagram 101: How to Add #Hashtags & @Account Tags to Your Bio

Your Instagram bio could always be used to link to other websites or profiles or just to show off your witty personality. Now, you also have the ability to use this section to tag other Instagram accounts as well as add tappable hashtags. Whether you want to link out to your best friend, company, or the latest trend in your city — if it has a profile name or tag, it can be in your bio.