🎯 HTTPZines

All About HTTP and Its role

https://securityzines.com/zines/http.html

#bugbounty #Infosec #hacking #penetrationtesting #cybersecurity

In JS (==) convert both values in the same type. In this case Empty String and Empty Array both are boolean value of false
So, they evaluate as equal

Undefined is not a reserved keyword

In js array, it ignore last ,

If a string is not empty == will convert it into boolean value of true so they both are equal 😊

Type of f is undefined and we are adding typeof f to 1
So it is
"1undefined"

Penetration Testing Certifications

Field Wise Categorized

#bugbounty #infosec #cybersecurity

If You wanna Enter the field of Android Penetration Testing

Then, You should Open This Thread 🧵

Check Out My Thread Tweet: https://twitter.com/Aacle_/status/1613027118874759170?s=20&t=OsOm8ggHNNP9PY3yJYfLdA

js support unicode so 'ü' this is allowed in the variable name so the answer is true!!

🚀 API SECURITY TIP

"Trying to find BOLA (IDOR) in APIs, got 401/403 errors? AuthZ bypass tricks:

• Wrap ID with an array {“id”:111} --> {“id”:[111]}
• JSON wrap {“id”:111} --> {“id”:{“id”:111}}
• Send ID twice URL?id=<LEGIT>&id=<VICTIM>
• Send wildcard {""user_id"":""*""}"

🚀 Amazing XSS Guide

Collection of Awesome XSS resources and help you to understand XSS sanitization and tricks to bypass it

https://github.com/s0md3v/AwesomeXSS

#bugbounty #infosec #hacking #cybersecurity #penetrationtesting

[1,2,3]==[1,2,3] is false because JavaScript actually has two different approaches for testing equality. Primitives like strings and numbers are compared by their value, while objects like arrays, dates, and plain objects are compared by their reference. That comparison by reference basically checks to see if the objects given refer to the same location in memory.