LORY
A basic question in security Interview: How do you store passwords in the database?
Explained in 3 mins.
May 12, 2024

7h3h4ckv157, in InfoSec Write-ups
Mastering the Realm of GraphQL Exploitation
Hey Infosec mates,
Aug 6, 2023

Avi Lumelsky, in InfoSec Write-ups
Secure FastAPI with eBPF
Leverage eBPF to secure internet-facing APIs: FastAPI, BlackSheep, Flask, Django, aiohttp, Tornado, and more.
Sep 3, 2023

Shriyans Sudhi, in InfoSec Write-ups
My experience with BugBase copilot
My first experience with bugbase pentest copilot (AI)
Sep 2, 2023

Manuel Seitz
How to get your Mac OSX ready for playing CTFs (Hacking)
Recently, I wanted to migrate my CTF attack machine environment from my Kali VM to my AMD Hackintosh host system, due to the bad…
Sep 22, 2021

G S Nagendran
How I Passed OSCP with 110 points in 7 hours (First Attempt) Without Metasploit
Hi Everyone, this is Nagendran G S back again with a blog on passing OSCP (PEN 200–2023) in my first attempt in 7 hours without Metasploit.
Jul 31, 2023

Mohammed Waleed
How I found two api vulnerabilities by analyzing JS source code
Hello everybody, my name is Mohammed Waleed, I’m a beginner bug hunter and web developer and today I will share with you how I found two…
Jul 27, 2023

Takshal(tojojo)
How I Discovered Over 40+ Impactful Vulnerabilities Within 1 Hour, Just for Fun!
Hello, I’m Takshal, aka tojojo. I hope you all are doing well. Today, I’m excited to share my journey of finding more than 40+ impactful…
Aug 13, 2023

hackysterio
Fuzzing APIs
Fuzzing or Fuzz testing is an automated testing method where random, invalid, distorted, or unexpected input is given to an API Endpoint to…
Sep 10, 2023

Salman Khan
$1,250 worth of Host Header Injection
What is Host Header Injection?
Sep 24, 2023

yoshi m lutfi, in InfoSec Write-ups
Bypassing OTP Verification for Changing PIN in Registered Mobile Banking Account.
Assalamu’alaikum (Peace be upon you)
Jul 25, 2021

yoshi m lutfi, in InfoSec Write-ups
ByPass SSL Pinning with IP Forwarding | iptables
After struggling with common tools to bypass SSL pinning, because the app that I’m testing won’t show some HTTPS traffic that I try to…
Dec 6, 2021

yoshi m lutfi
Account Take Over with HTTP Pollution Attack at Reset Password Functionality
First of all, this is my first write up about finding or bug when I work as cyber security. and also I try to write this post with English…
Jul 16, 2021

yoshi m lutfi, in InfoSec Write-ups
SQL Injection in The HTTP Custom Header
It has been a long time since my last write-up. in this short write up I wanna share my last year's findings about SQL Injection that I…
Jun 14, 2023

Abdul Rafee Wahab
API & Web Architecture — Security Best Practices
In my previous two segments, I shared some best practices on how to design and build performant REST APIs.
Nov 29, 2021