Pentesting blogs

Simple Buffer Overflow Explained

Posted on 2022-09-15 00:00:00 -0700

In this article am gonna talk about buffer overflow attacks presents in software Before diving into exploitation you need to get information of gdb,python,bash,C,assembly and registers So, i firmly recommend to learn those stuff before diving into buffer overflow exploitation Stack based overflows are more exploitable accross the globe then... [Read More]

Exploiting SUID misconfiguration for root shell

Posted on 2022-02-12 00:00:00 -0800

Introduction [Read More]

Tags: privilege escialation

chaining improper authentication to idor and no rate limit for mass account takeover

Posted on 2021-11-12 00:00:00 -0800

Hello folks, hope you all are doing well Today i will share a vulnerablity i discovered in a bug bounty program which leads to takeover of mass accounts login ito the website so let’s start [Read More]

Tags: bug hunting

Diving In Heap glibc Architecture

Posted on 2021-06-13 00:00:00 -0700

This resarch paper is inspired from azeria If you wanna learn and understand more I will provide resources in comment section. Introduction of Heap and Memory As we all know Our memory consist of various data segments like HEAP, STACK, DATA, BSS, GOT, PLT, TXT as you can see in... [Read More]

Tags: exploit Development heap

ssrf exploitation for rce part:2

Posted on 2021-05-30 00:00:00 -0700

Introduction hey folks! what’s up? This is my second artice about ssrf exploitation if you doesn’t read part 1 you can read it from in this article here I divided ssrf there in two types according to my resarch blind ssrf and untrusted input So, i picked up remote code... [Read More]

Tags: ssrf web pentesting