Vulnerability Analysis
In-depth guides and analysis on vulnerability analysis from the Safeguard engineering team.
568 articles
What is Cross-Site Request Forgery (CSRF)
CSRF forges an authenticated request using a victim's own session cookie. Learn how it works, real Gmail/YouTube cases, and how to detect and fix it.
What is Server-Side Request Forgery (SSRF)
SSRF turns a server's own trusted network position against it. Learn how the Capital One breach happened, real CVEs, and how to detect and prevent it.
What is Remote Code Execution (RCE)
RCE lets attackers run code on your systems remotely, often without login. Learn how it works, real CVE examples, and how to detect it before exploitation.
What is Command Injection
Command injection lets attackers run OS commands through unsanitized input. Learn how it works, real CVEs like Shellshock and PAN-OS, and how to prevent it.
What is Path Traversal
Path traversal (CWE-22) lets attackers escape a web root using ../ sequences to read or write arbitrary files. Here's how it works, real breaches, and fixes.
What is Directory Traversal
Directory traversal (CWE-22) lets attackers use ../ sequences to read or write files outside a web app's root directory. Here's how it works.
What is XML External Entity (XXE) Injection
XXE injection lets attackers abuse XML parsers to read files, trigger SSRF, or crash services. Here's how it works, real CVEs, and how to stop it.
Citrix Bleed 2 Implications: What CVE-2024-6235 Means for NetScaler Operators
CVE-2024-6235 was the followup to the original Citrix Bleed and exposed sensitive data from NetScaler ADC and Gateway appliances. The technical details and what changes.
What is Insecure Deserialization
Insecure deserialization (CWE-502) lets attackers turn untrusted object data into remote code execution. Here's how the attack works and how to stop it.
What is a Buffer Overflow
Buffer overflows have powered exploits from the 1988 Morris Worm to WannaCry. Here's how they work, why they persist, and how to stop them.
What is a Denial of Service (DoS) Attack
DoS attacks knock systems offline without stealing data. Learn how they work, real-world examples like Mirai and HTTP/2 Rapid Reset, and how to defend against them.
What is a DDoS Attack
A DDoS attack floods systems with botnet traffic until they collapse. See real Tbps records, the Rapid Reset CVE, and how to detect and mitigate one.