In this video we’ll dive into SQL injection for beginners using both automated tools and then replicating the process by hand so we can truly understand what is going on behind the curtains.

To further comprehend this vulnerability, we’ll also take a look at the code behind the web pages: both the PHP scripts and also the SQL statements to digest it properly.

SQL injection has been a heavy contender in OWASP’s top 10 vulnerabilities every year for over a decade at this point, so safe to say that its here to stay in current web apps and in the future.

Let’s begin by clarifying what exactly is SQL / code injection…

Hello guys.

In this post we’ll take a look at how to setup Apache, MySQL and PHP on Windows and Linux. This setup is mainly for a series of SQL injection labs that I’ll be posting in the upcoming days (you’ll find the link for the HTML/PHP below). For this reason, it will be a development setup not a secure one. 😉

What will be covered:

• Installation of Apache, MySQL and PHP
• Configuration of each service where needed
• Creating MySQL user, database and grant privileges
• Download HTML/PHP pages and configure it properly

Since I’ll be doing a series of SQL injection posts, I figured it would make sense to create this post given that understanding the installation process, database users/permissions all contribute to the vulnerability.

With that said, let’s begin!

Whats up guys?

In this post we’ll take a look at a Python script to break a file (image, executable, whatever) into several chunks of raw bytes and another one to merge those chunks together and reassemble that file back.

Since I’ve been doing a cloud security certification, it mentioned a technique widely employed in cloud of storing chunks of files into different virtual machines for security purposes (kind of like a RAID setup).

That made me think: ah, this could be a cool Python script to code! Hence, this tutorial. 🙂

Each script is less than 20 lines of code and not difficult at all, just basic file manipulation of raw bytes.

In any case, I have made an introduction to files in Python to get you started – if you are new to programming and/or Python, check it out since it should be all that you need for this tutorial.

What’s going on guys?

In this post we’ll do a brief introduction into handling files in Python 3.

We’ll be looking at the following file operations:

• Opening files for read mode
• Opening files for write mode
• Basic file operation functions
• Reading files in binary mode

This isn’t necessarily an in-depth tutorial, just something to get you started.

Let’s begin!

What’s good y’all?

In this episode we’ll take a look at brute-forcing a VeraCrypt container using Hashcat.

For starters I want to say that I’m a huge VeraCrypt fan and use it all the time, for a long time. Long enough to remember when it was, originally, called TrueCrypt before the project was abandoned.

I caught myself thinking: how long would it actually take to brute-force specific password masks? That’s when I decided to put it to the test using Hashcat and an operating system equipped with a graphics card.

Let’s find out! 🙂