In light of COVID-19 precaution measures, we remind that all ImmuniWeb products can be easily configured and safely paid online without any human contact or paperwork.

Community Edition
Total Tests:
This Week:
Today:
Stay in Touch

Weekly newsletter on AI, Application Security & Cybercrime


Your data will stay confidential Private and Confidential

ImmuniWebSecurity BlogPage 27

ImmuniWeb Security Blog | Page 27

XSS: the easiest way to hack your website in 2014
November 20, 2014

There is no need to convince people that XSS was, is and probably will be the most frequent web vulnerability. However, many people, including security engineers, team leaders and ...

CVE-2014-3669: Integer overflow in unserialize() PHP function
October 20, 2014 | Symeon Paraschoudis

In this blog post we are going to analyze an integer overflow we discovered in PHP (version <= 5.6.1, 5.5.17, 5.4.33) during our security research campaign which was conducted on ...

Efficiency and effectiveness: the missing combination in a fragile security industry
October 14, 2014 | Kevin Townsend

When Symantec, one of the grand old dames of security, decided to split itself into two separate companies last week, it raised questions about the entire security market. It ...

Plugins and extensions: the Achilles heel of popular CMSs
September 30, 2014 | Kevin Townsend

A by-product of High-Tech Bridge’s ImmuniWeb® web application penetration test SaaS is the frequent discovery of vulnerabilities in popular web applications and CMSs.

Bug bounty programs - the road to hell is paved with good intentions.
September 17, 2014 | Kevin Townsend

Bug bounties are in the news again. Twitter has announced its own new scheme, while Robert Graham of Errata Security claims legal actions brought for loss of personal data will ...

Vested Interests have hijacked Edward Snowden
September 8, 2014 | Kevin Townsend

Microsoft case shows the NSA is not a hacking threat; organized crime remains the biggest problem.

Right to be... Compromised
August 29, 2014

Today when the media is full of talk about privacy and the right to be forgotten introduced by Google, I get the impression that some companies use and even abuse their right to ...

Second high risk flaw in 2 months found in articleFR
August 7, 2014

High-Tech Bridge operates a responsible disclosure policy. When our researchers find a vulnerability we file a report to the vendor, which contains all details about the ...

ImmuniWeb® Self-Fuzzer Firefox Extension
September 10, 2013 | Xavier Roussel

ImmuniWeb® Self-Fuzzer is a simple Firefox browser extension designed to detect Cross-Site Scripting and SQL Injection vulnerabilities in web applications.

Welcome to the World Wild Web [French]
July 1, 2013 | Frédéric BOURLA

In our interconnected world, users are everyday facing an hostile environment, even if most of them are usually not aware of the underlying risks. During his talk at 4th brokers ...

Fuzzing: An introduction to Sulley Framework
May 6, 2013 | Brian Mariani

Fuzzing is the art of knowing how to put heavy pressure on software in order to find security vulnerabilities. Fuzzing frameworks have been among us since many years. Some of them ...

CVE-2013-0804: Novell GroupWise Untrusted Pointer Dereference Exploitation
April 3, 2013 | Brian Mariani

In November 2012 High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in Novell GroupWise 2012. Details of the vulnerabilities were disclosed in April 2013. ...

arrow left2223242526272829arrow right

This website uses cookies to provide you with a better surfing experience. To learn more, please visit our Privacy Policy. By continuing to use this website you consent to our use of cookies.

View Products Ask a Question