In the realm of ethical hacking, reconnaissance, often referred to as the “information gathering” phase, is the crucial first step. To…

Bug Bounty POC Preparation Guide For XSS Vulnerability

Self-learning big bounty

Welcome back to the 2nd story in the “Threat Modeling Handbook” series. In the last story, we discussed what is a threat model and why it…

Unveiling the Threat of IDOR Vulnerabilities By Hacking a Fintech Provider Ethically

PDFs have become an essential part of our digital world, facilitating seamless document sharing across platforms. However, with the rise of…

Hi! Today I’m working on the machine DC-4 from Proving Grounds Play / VulnHub. This is writeup 63 out of 100 as I prepare for OSCP. This…

Achieving the status of an ethical hacker without a degree may appear overwhelming. However, it is entirely feasible by adopting the…

In today’s rapidly evolving technological landscape, the emergence of sophisticated cyber threats and attacks has brought to the forefront…

InfoSecSherpa: Your Guide Up a Mountain of Information!

Users noticed a significant omission after Meta released the Threads app: a web version. Did Meta release a web version in response to the…

Ключові моменти:

Introduction

Introduction:

This lab’s password reset functionality is vulnerable. To solve the lab, reset Carlos’s password then log in and access his “My account”…

Hey hackers!!! Hope u all are doing very well in you life. Today I will be sharing about a Privilege Escalation vulnerability I found on a client’s website. I found a Privilege Escalation bug with…

Discover the intriguing tale of how I stumbled upon an IDOR (Insecure Direct Object Reference) vulnerability in Examfit’s (Virtual Name of private program)Expense Validation system, and how this flaw…

In this article, I will show you how you can code your own subdomain scanner using the Python programming language. Finding subdomains of a…

Application Security Testing for the Unvalidated Redirects and Forwards.

In this article, I will talk about how I managed to discover over 10 2FA Bypasses on a Single Program and Page

Hey Guys! What’s up! I know for the naughty ones, it’s sky cause’ I am one of them. (LOL) 
Ok! Let’s go.