web assessments

Chaining Web Vulnerabilities FTW w/RCE

I’ve recently enrolled in Offensive Security’s Advanced Web Attacks and Exploitation (AWAE) course. One of the biggest takeaways that I’ve experienced so far, is that when finding various vulnerabilities, some may not be as significant as a SQLi or RCE, but if possible these "less impactful" vulnerabilities can be chained together to form a more […]