How I perform the JSON CSRF with method override technique.

CSRF(Cross-Site Request Forgery) is a kind of web application vulnerability, using this a malevolent can forge the HTTP request witho...

In WebSecurity, APISecurity, Dec 29, 2023
Why Appropriate Content-Type Header Matters In REST API Security: Ft. JSON XSS.
How to analyze the SSL/TLS configuration(sslscan).
The Art of Identifying X$$ & WAF Bypass Fuzzing Technique.

All Stories

How I perform the JSON CSRF with method override technique.

CSRF(Cross-Site Request Forgery) is a kind of web application vulnerability, using this a malevolent can forge the HTTP request without the actual user knowledge. This will result in ...

In WebSecurity, APISecurity, Dec 29, 2023
How I perform the JSON CSRF with method override technique.

Why Appropriate Content-Type Header Matters In REST API Security: Ft. JSON XSS.

Before diving into the specifics of the Content-Type header, let’s quickly recap what REST APIs are all about. REST is an architectural style for designing networked applications. It ...

In APISecurity, XSS, cross-site-scripting, REST-API, Dec 28, 2023
Why Appropriate Content-Type Header Matters In REST API Security: Ft. JSON XSS.

How to analyze the SSL/TLS configuration(sslscan).

SSL/TLS Analysis & Attacks

In network, kali-tool, Dec 28, 2023
How to analyze the SSL/TLS configuration(sslscan).

The Art of Identifying X$$ & WAF Bypass Fuzzing Technique.

A smart way to hunt Cross-Site Scripting vulnerability

In WebSecurity, cross-site-scripting, Sep 30, 2023
The Art of Identifying X$$ & WAF Bypass Fuzzing Technique.

Learn and Earn with the Most Common Unsecured Methods of OTP Bypass Techniques.

Discover the ultimate guide for bug bounty hunters to detect sneaky OTP validation vulnerabilities!

In WebSecurity, APISecurity, Jul 11, 2023
Learn and Earn with the Most Common Unsecured Methods of OTP Bypass Techniques.

The Importance of Checking User-Agent Header Dependency in Penetration Testing.

Never ever give a chance to leave a bug to automated scanners.Introduction:

In WebSecurity, APISecurity, Jun 02, 2023
The Importance of Checking User-Agent Header Dependency in Penetration Testing.

How to secure-docker-instance-with-basic-Authentication

Nginx reverse proxy with Basic Authentication

In secureinfrastructure, Jul 01, 2022
How to secure-docker-instance-with-basic-Authentication

Never leave this tip while you are hunting Broken Access Control.

A special Bug-Bounty tip for Bug hunters and Pen-testers

In WebSecurity, APISecurity, Nov 12, 2021
Never leave this tip while you are hunting Broken Access Control.

How-to-deploy-a-personal-VPN-in-Linode

A better way to take control of your online privacy

In secureinfrastructure, Jul 11, 2021
How-to-deploy-a-personal-VPN-in-Linode

Genymotion-Xposed-Inspeckage-Setup.

Android application dynamic analysis lab setup on windows

In AndroidSecurity, MobileAppPT, Jul 03, 2021
Genymotion-Xposed-Inspeckage-Setup.

Featured