Posts

Today, we want to showcase one of the most powerful and interesting features in GBounty, an open-source tool for detecting vulnerabilities in web applications and APIs. This feature makes it easy to combine multiple URLs with lists of parameters to...
Continue reading

Bounty Security is thrilled to announce that we have open-sourced several of our flagship tools under the MIT license. This move is our way of giving back to the community that has supported us, allowing everyone to benefit from and contribute to these powerful resources.
Continue reading

Understanding the Vulnerability In a Blind SQL Injection attack that exploits content-length differences, the server's response size changes based on the injected payload. By carefully crafting the payloads, attackers can infer whether the SQL query execution was successful, failed, or...
Continue reading

Understanding the Vulnerability In this type of Blind SQL Injection attack, when a single quote (') or double quote (") is used, the server returns an HTTP 500 error, indicating that the SQL query is broken. When two quotes (''...
Continue reading

Time-based SQL injection involves inserting a payload that delays the server response by a specific time, allowing attackers to infer database behavior based on response times. By analyzing these delays, attackers can determine the presence of a vulnerability and potentially...
Continue reading