2026-01

Security

Server-Side Template Injection: From {{7*7}} to RCE

A practical guide to Server-Side Template Injection: detecting, fingerprinting, and escaping Jinja2 and Twig sandboxes to achieve RCE.
2026.01.12
SecurityWeb Exploitation
Security

Authentication Bypass Techniques: Logic Flaws, SQLi, Weak Resets, and 2FA Bypass

A practical walkthrough of four authentication bypass classes — logic flaws, SQLi, weak password resets, and 2FA bypass — with detection and defense.
2026.01.10
SecurityWeb Exploitation