Application Security, Technology
We have seen a lot of applications where some sub-domains or sub-directories are publicly exposed (intentionally or by mistake). So, with experience from our past pentests, we have made a habit of testing for vulnerable or accessible sub-domains. During one such test, I was manually testing the URLs of different sub-domains of the...
Grails console is one plugin that we install as soon as we create a new application. The power and the purpose of the utility are too good to be missed. On one such occasion, I decided to dig into the code in the plugin and discovered the magic trick that executes the string that we type in the web interface. Turned out that...