cheatsheet

Securing SuiteCRM on Apache

SuiteCRM is a popular open-source Client Relations Manager (CRM). I took some time to review the code and basic implementation of the application within a vanilla Ubuntu Debian build. I found good security practices within the application itself; however, it seemed that the majority of configuration guides available would ultimately lead to security concerns in

SQLmap Cheatsheet and Examples

SQLmap

Target the http://target.server.com URL using the "-u" flag:

    sqlmap -u 'http://target.server.com'

Specify POST requests by specifying the "--data" flag:

    sqlmap -u 'http://target.server.com' --data='param1=blah&param2=blah'

Target a vulnerable parameter in an authenticated session by specifying cookies using the "--cookie" flag:

    sqlmap -u 'http://target.server.com' --cookie='JSESSIONID=09h76qoWC559GH1K7DSQHx'

Drop all Set-Cookie requests from the target web server using the "--drop-set-cookie" flag:

    sqlmap -u 'http://target.server.com'