Vibe talking: Dan Murphy on the promises, pitfalls, and insecurities of vibe coding

Thu, 15 May 2025

Vibe coding is one of the hottest trends in software right now, promising to radically change how we build apps by using natural language instead of traditional programming. But beyond the buzz, what does it actually mean and what are the risks?

Collision Based Hashing Algorithm Disclosure

Wed, 10 Jan 2018

This detailed article explains how you can use the Collision Based Hashing Algorithm Disclosure method to check if the target web application uses the weak SHA-1 hashing algorithm to hash the users’ passwords.

The Advantage of Heuristic Over Signature Based Web Vulnerability Scanners

Thu, 29 Jun 2017

This article explains how both the heuristic and signature based web application security scanners work. It also explains the pros and cons of both types of scanners.

Infosecurity Europe 2017 Tech Talk: Scaling-Up & Automating Web Application Security

Tue, 20 Jun 2017

Watch our CEO’s tech talk about the challenges of automating and scaling-up web application security. Ferruh delivered this presentation at Infosecurity Europe 2017, one of Europe’s biggest IT security conferences.

XSS, CSRF & Other Vulnerabilities in CubeCart Web Application

Fri, 12 Jan 2018

This article explains in details the various vulnerabilities Netsparker’s security researchers identified in CubeCart, an open source ecommerce solution.

Demo: Exploiting a Blind XSS & Second Order SQL Injection

Thu, 11 May 2017

How you can disable directory listing on your web server—and why you should

Wed, 01 May 2024

Preventing Cross-site Scripting Vulnerabilities When Developing Ruby on Rails Web Applications

Wed, 19 Apr 2017

This article uses examples to explain how to develop secure web applications in Ruby on Rails that are not vulnerable to cross-site scripting vulnerabilities.

Course: Introduction to Web Application Penetration Testing

Mon, 22 May 2017

This detailed course explains the different stages of a thorough web application security and penetration test. Using both videos and slides, this course is ideal for anyone who would like to get started with web application security and using an automated web vulnerability scanner.