How I found an IDOR in deletion of comparison lists
Read about an interesting scenario of IDOR that allowed to me view private user information and also delete publicly available list.
1 Comment
September 26, 2021
Here is how to hunt for OAUTH vulnerabilities
The post disccuss around the basics of OAUTH and how to hunt for OAUTH vulnerabilities like leaking tokens, abusing redirect URI, absense of state parameter.
July 7, 2021
How to setup your blog on WordPress with right theme and plugins
How to setup a wordpress blog from scratch with all the essential plugins to use. The theme that will make your site look and feel awesome.
June 2, 2021
Dont just sanitize but also escape – A fable of sanitize_text_field
The post talks about an interesting find of XSS even when the filter was used. It also covers the mistakes that a developer makes while sanitizing input.
May 21, 2021
Blind XXE attacks – Out of band interaction Techniques (OAST) to exfilterate data
The post covers various techniques by which sensitive data can be exfilterated using out of band interaction in XXE
April 24, 2021
XXE Simplified: The concept, Attacks and Mitigations
XXE remains amongst the one with a critical score on the severity perspective. Why? Being able to read server's sensitive files is where the victim can be fully compromised.
April 14, 2021
The docker cheatsheet: Doing things the docker way
Docker can never replace a VM but it has got its own special benefits. know more about the docker features
March 20, 2021
WinjaCtf 2021 solutions
Hey everyone! This blog post covers writeups of the challenges that were created by me as part of WinjaCTF 2021. WinjaCTF is an initiative by Nullcon and it organises CTF annually. Read about my experience at first nullcon here The challenges created by me were : pieceofpie, junk, art gallery, find me, binarybits, Redeem me. I will be giving a detailed writeup…
March 12, 2021
My experience with Nullcon Training – Hacking and Securing Kubernetes clusters by Madhu
It was my first Nullcon Training and It was a super-amazing experience. In the blog, I have mentioned about the happenings of all the 4 days. Do check it out.
March 4, 2021
Doctor hackthebox walkthrough
Doctor is an easy linux machine from hackthebox. The initial foothold exploits SSTI/XSS and with splunkd you get the privilege escalation
January 12, 2021
Ghoul hackthebox walkthrough – Part 2
Ghoul is a hard linux machine from hackthebox The privilege escalation exploits the gogs vulnerability and ssh-agent's sign-on mechanism to get the root.
January 5, 2021
Ghoul Hackthebox walkthrough – Part 1
Ghould is a hard linux machine from hackthebox. Find the machine in the retired section.
January 5, 2021
The ultimate guide to HTTP request & response headers
End-users constantly make GET or POST request to the internet to retrieve information. The most common protocol used here is HTTP/S. But this communication is not just about making requests. It needs to be meaningful when sent from client to server or vice-versa. Here’s when HTTP header comes in. With headers, client/server can send additional information with HTTP request. In this blog…
September 10, 2020
How to deploy a Django Web Application for free on pythonanywhere
Deploy django web applications for free on pythonanywhere. Also solve the hassle of storing static files.
August 21, 2020
Buff hackthebox walkthrough
Hey there! This is Shreya and today I am gonna show you how to pwn buff from hackthebox. Buff is an easy level windows machine having a straightforward way to obtain initial foothold. Privilege escalation to Administrator requires to abuse a service that has its exploit available on exploit-db, still its tricky to get through. With that being said, let's get started.…
July 27, 2020