How I perform the JSON CSRF with method override technique.
CSRF(Cross-Site Request Forgery) is a kind of web application vulnerability, using this a malevolent can forge the HTTP request witho...
How to analyze the SSL/TLS configuration(sslscan).
In network, kali-tool, Dec 28, 2023All Stories
How I perform the JSON CSRF with method override technique.
CSRF(Cross-Site Request Forgery) is a kind of web application vulnerability, using this a malevolent can forge the HTTP request without the actual user knowledge. This will result in ...
In WebSecurity, APISecurity, Dec 29, 2023Why Appropriate Content-Type Header Matters In REST API Security: Ft. JSON XSS.
Before diving into the specifics of the Content-Type header, let’s quickly recap what REST APIs are all about. REST is an architectural style for designing networked applications. It ...
In APISecurity, XSS, cross-site-scripting, REST-API, Dec 28, 2023How to analyze the SSL/TLS configuration(sslscan).
SSL/TLS Analysis & Attacks
In network, kali-tool, Dec 28, 2023The Art of Identifying X$$ & WAF Bypass Fuzzing Technique.
A smart way to hunt Cross-Site Scripting vulnerability
In WebSecurity, cross-site-scripting, Sep 30, 2023Learn and Earn with the Most Common Unsecured Methods of OTP Bypass Techniques.
Discover the ultimate guide for bug bounty hunters to detect sneaky OTP validation vulnerabilities!
In WebSecurity, APISecurity, Jul 11, 2023The Importance of Checking User-Agent Header Dependency in Penetration Testing.
Never ever give a chance to leave a bug to automated scanners.Introduction:
In WebSecurity, APISecurity, Jun 02, 2023How to secure-docker-instance-with-basic-Authentication
Nginx reverse proxy with Basic Authentication
In secureinfrastructure, Jul 01, 2022Never leave this tip while you are hunting Broken Access Control.
A special Bug-Bounty tip for Bug hunters and Pen-testers
In WebSecurity, APISecurity, Nov 12, 2021How-to-deploy-a-personal-VPN-in-Linode
A better way to take control of your online privacy
In secureinfrastructure, Jul 11, 2021Genymotion-Xposed-Inspeckage-Setup.
Android application dynamic analysis lab setup on windows
In AndroidSecurity, MobileAppPT, Jul 03, 2021