Google dork “Index of /sh3llZ” allows you to find shell uploaded by hackers

Usually hackers upload shell to victim’s site using the vulnerability in that website. Shell allows hackers to hack/deface the website. Sometimes hackers left the shell in the vulnerable sites.  Here is simple google search allows you to find a shell uploaded by hackers. Use one of the following google dork to find the shell: intitle:index […]

Bypassing the XSS Filters : Advanced XSS Tutorials for Web application Pen Testing

copyrights reserved © BreakTheSecurity Hi friends, last time, i explained what is XSS and how an attacker can inject malicious script in your site. As i promised earlier, i am writing this advanced XSS tutorial for you(still more articles will come). Sometimes, website owner use XSS filters(WAF) to protect against XSS vulnerability.For eg: if you […]

“Simple Upload 53” Vulnerability allows Hacker to upload Shell

Web Application vulnerability in “Simple Upload 53” PHP file allows an attacker to upload Backdoor shell code in your website. “inurl:simple-upload-53.php” using this google search , you can find the vulnerable Sites. If you want to find the vulnerability in your web application, use this google dark:“inurl:simple-upload-53.php” After you search in google; if you […]

Self-XSS (Cross Site Scripting) ~ Social Engineering Attack and Prevention

Last time , we have explained about the Clickjacking attack and prevention.  Today,  i am going to explain about the Self-XSS(Cross Site Scripting) Attack What is Self-XSS? Self-XSS is one of the popular Social Engineering Attack used by Attackers to trick users into paste the malicious code in browser.  Results in attacker accessing to the […]