Cancel

Leveraging LFI to RCE in a website with +20000 users [Bug Hunting]

Hello researchers and bug hunters! Recently I found an interesting attack vector which I would like to share with you. Without losing time, let’s jump into it. Visiting the website (port 443), we ...

Oct 4, 2020 2020-10-04T00:00:00+02:00

Bypassing WAF to perform XSS [Bug Hunting]

Recently I was hunting for some XSS and I come up to a website (lets call it website.com for privacy reason) where it had an admin login form on /admin directory. Instinctively I tried entering ...

May 28, 2020 2020-05-28T00:00:00+02:00

JSON Web Token Exploitation - Red Team Pentesting

NOTE:: Hello researchers, hope you are doing great during these tough times. However recently I was doing some research on JWT (JSON Web Token), for CTF-Purpose, however I couldn’t get what I wante...

Apr 5, 2020 2020-04-05T00:00:00+02:00

Leveraging LFI to RCE in a website with +20000 users [Bug Hunting]

Bypassing WAF to perform XSS [Bug Hunting]

JSON Web Token Exploitation - Red Team Pentesting

Trending Tags