Check Path Traversal over again.
Path traversal attack is one of the OWASP top ten issues widely found in web applications which occurs due to improper handling of user input. Learn more about path traversal…
POST based Open Redirect to R-XSS
Hope you guys are fine in this hard time, I am glad to share something which I have recently discovered and it’s about escalating Informational issue to Medium severity. i.e…
Subdomain takeover via dangling Ngrok DNS record.
Hope you guys are doing well since it’s been a long I haven’t shared anything because of some personal issues and stuff, even though it ain’t much of research, just…
CEH Practical Walkthrough
CEH Practical is a 6 hours lab-based practical exam that includes a set of challenges with Web, Host, Forensic, and Network. The exam took place in iLabs, where we are…
Misconfigured WordPress takeover to Remote Code Execution
Hello Everyone, I hope you guys are doing well. I am sharing a recent issue which I discovered today only. And this is the most instant write-up I have ever…
The Tricky XSS
Hello everyone, I would like to share a riveting issue regarding XSS (Cross-Site Scripting ) I endured a few months ago. Cross-site scripting (XSS) is a type of security vulnerability…
Subdomain takeover via pantheon
I hope you are having a great time, I would like to share an issue which i discovered in less than 10 minutes and got rewarded $XXXX bounty within 24…
An inconsistent CSRF
I discovered Cross-Site Request Forgery (CSRF) issue in one of the bug bounty programs but limited to some easy and simple actions only. After spending a few minutes by browsing…
No Rate limiting eligible for bounty ?
I have seen most of the peoples searching for No rate limiting issue at endpoints like password reset resulting into mass email triggering, SMS triggering or sometimes abusing it for…
Parameter Pollution issue in API resulting $XXX
When it comes regarding API pentesting, I am always eager to test it even though I don’t succeed to find critical issues. It was one of the private programs from…