Our latest articles

WPScan: WordPress Vulnerability Scanner

By Romain Garcia on 06/07/2024 in the Tools category

WPScan is an open-source tool that allows you to scan a WordPress site to find vulnerabilities and security issues. In this article, I will explain how to install and use WPScan to secure your WordPress sites.

Fix XSS on formatted text with iframe sandbox

By Romain Garcia on 03/07/2023 in the Ethical Hacking category

To fix an XSS in formatted text, it is not possible to simply encode the data, as this would remove all possibility of text formatting. This is where the `sandbox` attribute of the HTML `iframe` tag makes our life easier. This attribute is designed to automatically clear the iframe's content of anything that could be dangerous, while keeping the harmless HTML tags.

Why perform a penetration test

By Romain Garcia on 02/12/2023 in the Ethical Hacking category

A penetration test is a form of security audit that consists in trying to hack a system (web application, servers, company network...) using the same tools as a real attacker.