Hello & Welcome to AppSec Labs’ Portal

‍Below you can find our Blog, with posts about hacking stuff,  tools, mobile security and more…

You can also get all our R&D tools on the Lab page and Secure Coding instructions in the Knowledgebase section.

‍Have fun!

AppSec Labs Team

Resident XSS – Reflected Becomes Stored Thanks to HTML5

HTML5 is the newest version of the HTML. It offers new features that enhance support for creating web applications that can interact with the user and his/her local data and servers. HTML5 successfully does this more easily and effectively than has previously been possible. In this article we will focus on the new client storage offered […]

The reason why your exploit does not work

This post will explain to you, why it is that in Java most of the command line injection vulnerabilities in most common cases could not be exploited with: && dir ; ls   There are two options for running a command: Send the whole command to the OS shell (CMD or /bin/sh) and let Java […]

X-Frame-Option is dead, long live Content Security Policy!

Clickjacking, (A.K.A UI Redress attack) is an attack in which an attacker utilizes multiple transparent or opaque layers in order to trick a client into clicking on a button or link on a different page; they are then mislead to think they were clicking the top level page link. Accordingly, the attacker is “hijacking” clicks meant for […]