Hello & Welcome to AppSec Labs’ Portal

‍Below you can find our Blog, with posts about hacking stuff,  tools, mobile security and more…

You can also get all our R&D tools on the Lab page and Secure Coding instructions in the Knowledgebase section.

‍Have fun!

AppSec Labs Team

Angular Template Injection without Quote Characters

Introduction When you’re trying to detect XSS in an Angular application (AngularJS or Angular >2, the version doesn’t matter for this post), you’ll probably try the following possibilities: You enter a basic XSS payload such as <script>alert(0);</script> You find out that the developer encoded the output properly and the < > characters turn into &lt; […]

A Taxonomy on Brute Force Attacks

Brute force attack is a well-known technique of trial and error attempts used by attackers to gain access to unauthorized data. It can be leveraged against servers as an online attack and also against files as a local attack. The common denominator of all these types is that the same pattern is almost always the […]