Prismo Blog

Analysis of CVE-2019-2030: OGNL Expression Language Vulnerability

by Manish Sardiwal   In mid of August, Apache released a security bulletin S2-059 to address a vulnerability CVE-2019-0230. CVE-2019-0230 is an OGNL expression language vulnerability, which may lead to Remote Code Execution in the context of Apache...

Detection of Web Shells

Web shells are one of the critical malware which has extensively been used by threat actors. The web shell can be PHP, ASP, JSP, Perl, Ruby, Python applications. In this white paper, we examine the PHP-based web shell, explain the execution flow of...

White paper: Detection of Injection Exploitation

Web injection exploitation has ruled as the top web application vulnerability for  over a decade. Injection flaws include SQL, NoSQL, OS command and LDAP injection techniques. In this Prismo white paper, we discuss the detection algorithms the...