Well i got lots of questions from peoples that is it neccessary to learn programing to become a bug hunter,ethical hacker,pentester etc. in short i will use term “security resarcher” so, i decided to write that post to answer that questuions ..and though its my personal opinion everyone have their...
[Read More]
Order_quantiity_bypass_and_csrf_lead_to_disable_account_of_victim
in this article i will show how a csrf attack and cart rate limit bypass leads to ddos on victim account which leads to temprory ban of user account i was pentesting on private website it was a e-commerce website where you can buy and purchase goods after spending a...
[Read More]
Web_cahe_posioning_to_xss_and_ssrf
i don’t waste time by talking about myself …i gonna share my experience of a bug “web cache poisioning” in bug bounty as usually i was pentesting on private sites i saw there my paraminer shows an unkeyed url with secret url Before exploiting part i wanna share my thoughts...
[Read More]
How_i_was_able_to_pawned_website_via_escilating_webcache deception to rce
hello folks ! here is my article of how i was able to exploit web cache deception to obtain rce :3 i was doing resarch on web cache deception and i decide to penetst it on real web then i found a website which was vulnerable to web cache deception...
[Read More]
Authentication_token_bypass Leads Too_idor
here is the article how i was able to bypass authentication token and able to exploit idor and add any user to add events of website ..before coming on main topic that how i find the vulnerablity let me clear your core concepts about authorization tokens
[Read More]
Why_is_programing_neccessary_for_pentesting
Well i got lots of questions from peoples that is it neccessary to learn programing to become a bug hunter,ethical hacker,pentester etc. in short i will use term “security resarcher” so, i decided to write that post to answer that questuions ..and though its my personal opinion everyone have their...
[Read More]
Order_quantiity_bypass_and_csrf_lead_to_disable_account_of_victim
in this article i will show how a csrf attack and cart rate limit bypass leads to ddos on victim account which leads to temprory ban of user account i was pentesting on private website it was a e-commerce website where you can buy and purchase goods after spending a...
[Read More]
Web_cahe_posioning_to_xss_and_ssrf
i don’t waste time by talking about myself …i gonna share my experience of a bug “web cache poisioning” in bug bounty as usually i was pentesting on private sites i saw there my paraminer shows an unkeyed url with secret url Before exploiting part i wanna share my thoughts...
[Read More]
How_i_was_able_to_pawned_website_via_escilating_webcache deception to rce
hello folks ! here is my article of how i was able to exploit web cache deception to obtain rce :3 i was doing resarch on web cache deception and i decide to penetst it on real web then i found a website which was vulnerable to web cache deception...
[Read More]
Authentication_token_bypass Leads Too_idor
here is the article how i was able to bypass authentication token and able to exploit idor and add any user to add events of website ..before coming on main topic that how i find the vulnerablity let me clear your core concepts about authorization tokens
[Read More]