diff --git a/src/pentesting-web/command-injection.md b/src/pentesting-web/command-injection.md index e84179e05..d3e593336 100644 --- a/src/pentesting-web/command-injection.md +++ b/src/pentesting-web/command-injection.md @@ -189,13 +189,6 @@ topicurl=¶m=-n topicurl=setEasyMeshAgentCfg&agentName=;id; ``` -Hardening and detection: - -- Reject inputs that start with `-` and enforce strict allowlists and types (IP, MAC, SSID, etc.). -- Always pass user data after a literal `--` where supported and never allow extra flags from user-controlled fields. -- Prefer safe APIs (no shell); for wrappers, construct fixed argv templates with no user-controlled flags. -- Look for unauthenticated hits to centralized CGI endpoints (e.g., `/cgi-bin/cstecgi.cgi`) with selector parameters and values beginning with `-`. - ## Brute-Force Detection List @@ -213,4 +206,4 @@ https://github.com/carlospolop/Auto_Wordlists/blob/main/wordlists/command_inject - [HTB Nocturnal: IDOR → Command Injection → Root via ISPConfig (CVE‑2023‑46818)](https://0xdf.gitlab.io/2025/08/16/htb-nocturnal.html) - [Unit 42 – TOTOLINK X6000R: Three New Vulnerabilities Uncovered](https://unit42.paloaltonetworks.com/totolink-x6000r-vulnerabilities/) -{{#include ../banners/hacktricks-training.md}} \ No newline at end of file +{{#include ../banners/hacktricks-training.md}}
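Review bot: the first hunk deletes the whole `Hardening and detection:` list without a replacement or a pointer to where the guidance moved, yet the context lines immediately above it (`topicurl=¶m=-n`, `agentName=;id;`) are exactly the flag-injection and metacharacter cases those bullets mitigate. If the list is being relocated to another page, say so in the PR description; otherwise keep at least the two actionable bullets, "Always pass user data after a literal `--` where supported and never allow extra flags from user-controlled fields." and "Prefer safe APIs (no shell); for wrappers, construct fixed argv templates with no user-controlled flags.", and the detection bullet about unauthenticated hits to `/cgi-bin/cstecgi.cgi` with values beginning with `-`, since readers landing on the TOTOLINK example have no other defensive takeaway on the page.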
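Review bot: the second hunk is a whitespace-only change (adding the missing trailing newline after `{{#include ../banners/hacktricks-training.md}}`) bundled with a content removal; it is harmless, but landing it separately, or mentioning it in the commit message, keeps the history of the hardening-list removal reviewable on its own.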