Exploiting Blind Java Deserialization with Burp and Ysoserial

While performing a web application penetration test, I stumbled upon a parameter with some base64 encoded data within a POST parameter. Curious as to what it was, I sent it over to Burp decoder...

GOWPT - Go Web Application Penetration Test

GOWPT is the younger brother of wfuzz a swiss army knife of WAPT, it allow pentester to perform huge activity with no stress at all, just configure it and it's just a matter of clicks. How to install To install gowpt just type: make sudo make install Usage From the -h menu Usage of gowpt: -H valu...

Aurora WebOPAC SQL Injection - Security Advisory - SOS-12-004

Sense of Security - Security Advisory - SOS-12-004 Release Date. 12-Mar-2012 Last Update. - Vendor Notification Date. 24-Nov-2011 Product. Aurora WebOPAC Platform. Independent Affected versions. 3.5.0e, 3.4.6a, 3.5.3, 3.5.0i, 3.4.7b, 3.5.2.2, 3.4.7b, possibly others Severity Rating. High Impact...