In this article, I would like to cover how it is possible to efficiently check thousands of endpoints for potential Cross Site Scripting…

Somewhere in the world. November 2023

First Whoami : Dris R. A Security Researcher, Penetration Tester from Paris ,France.

Securing your CDK code by incorporating cdk-nag checks in CDK pipelines

In the rapidly advancing realm of technology, mobile applications have become an integral part of our daily lives. From social networking…

Want to uspkill in CSRF Hunting? If so, then this post is for you.

Introduction: A secure Spring Boot and JSP application for booking vehicle services. Features Asgardeo OIDC for authentication.

Hello Psychomong People. I am back with Website Scanner, I ve recieved queries on that How can we get the hyperlinks using python script…

Katana is an incredibly built go-lang based web crawler which is a great stand alone reconnaissance tool, and also works perfectly in…

This Application performs the same as the previous one. The results of the SQL query are not returned, and the application does not respond…

Herkese merhaba ! Bir önceki yazıda IDOR ile Hesap Devralma Hikayemden bahsetmiştim .

Click 👉 Ruby One to upgrade your crypto experience.

This is a detailed introduction to HTTP/2 Request Smuggling and various methods of exploiting vulnerabilities. The case study uses…

Directory search involves the systematic exploration of a web application’s file structure to uncover hidden paths, files, or directories…

The use of deceptive environments, where organizations create fake assets and data to confound and mislead attackers. This proactive…

Enhance Your Web Application Security Testing

In the intricate realm of web vulnerabilities, XML External Entity (XXE) Injection stands as a silent predator, capable of infiltrating web…

Zone Transfer, which is often used in large organizations and is especially important for multiple DNS servers, can cause a serious…

Disclaimer: This information is meant for learning purposes only. We strongly discourage any illegal activities, including unauthorized…

Here are my favorite 5 security resources added to my security resource database since yesterday. These resources will range from blogs and Reddit posts, through paid resource subscriptions and…