Welcome back amazing another important topic on how I found out clickjacking bug. Initially after doing the recon phase did some SQL injection, XSS, XXE, and SSRF but I couldn’t find anything interesting.
After I looked for any headers missed or not and I came to know X-Frame-Options missed out.
…
Welcome back amazing hackers, in this blog, I am going to show you an interesting walkthrough writeup that might be useful in bug bounty findings.
let's get into the writeup, firstly deploy the machine after that making some Nmap scan to find the useful information.
From the Nmap result, I…
Welcome back amazing fellow hackers in this blog you are gonna see how to walk through websites manually for security issues in websites by inbuilt tools in the browser.
We are gonna see a list of inbuilt tools that we are gonna walk through on browsers which are :
Hi, amazing hackers in this story you are gonna how to what is SQL injections and how to find them in different types.
SQL injection is also defined as SQLi, an attack scenario on an application web server database by executing malicious queries in the database which results in stealing…
TryHackme provides amazing cybersecurity contents day by day you can learn and practice more to enrich the skills. It gives anyone who is interested to enter cybersecurity it is a right platform and you can more updates and success stories of those who succeed in this field. …
Hello, Amazing fellow hackers welcome back for a new write-up on authentication writeup on Tryhackme room. So let’s discuss the concept.
Authentication bypass is the critical type of vulnerability that leads to exposure of sensitive information of legitimate persons.
Username Enumeration:
Username enumeration is the concept in which used to…
Hi folks, welcome back I am here with a pretty cool writeup on IDOR vulnerability. First of all, IDOR means Insecure Direct Object Reference.
This sort of weakness can happen when a web server gets client provided contribution to recover objects (records, information, reports), an excess of trust has been…
Welcome back great hackers I am here another cool topic one of the OWASP top 10 topics which is the XXE attack concept. XXE stands for XML External Entity which abuses XML data/parsers. It allows the hacker to interact with backend data. …
Welcome back amazing hackers with the prosperous new year 2022. I came up with a cool blog on the interesting topic of cross-site scripting.
One of the security vulnerabilities found on the web application. Attackers use these malicious scripts and must be executed into the victim machine.
Types involve in…
Hello guys, In this blog we are going to see about vulnversity part 2 walkthrough.
Let’s get into part 2 of the Vulnversity challenge. After gathering the directory/internal and there is an option to upload the reverse_shell.phtml change PHP into PHTML. …
