Remote Code Execution via Cookie Manipulation
Remote Code Execution (RCE) is a common vulnerability, often stemming from file upload functionalities where users upload PHP files that…
Dec 27, 2024

SSRF Leads to AWS EC2 Compromise and Account Takeover
SSRF vulnerabilities can pose significant risks, as they often allow attackers to interact with internal systems that are not directly…
Nov 26, 2024

Understanding Request Smuggling: A Deep Dive into HTTP Exploits
Get an overview of this attack with real examples and dive deep into understanding every aspect.
Sep 27, 2024

Chowkidar: Your Digital Pehredar
Hello everyone, I am excited to introduce Chowkidar, a platform designed specifically for security enthusiasts and researchers in the field…
May 20, 2024

The Art of Access: Privilege Escalation through Multiple Methods
Most of you are familiar with privilege escalation attacks. For those who are not, it’s an attack where a user with limited privileges…
Feb 23, 2024

What Vulnerabilities We Get from a File Upload
Lately, I’ve transitioned my preferred vulnerability testing focus from user input to examining the upload functionality. This shift…
Jan 13, 2024

Lab setup for Vulnerability Assessment and Penetration Testing
Over the years, I have dedicated myself to testing and exploring more efficient tools and scripts to simplify the process of initiating…
Jan 7, 2024

How I got my first RCE
As a penetration tester, the task of uncovering all vulnerabilities can be quite challenging. Clients expect to identify numerous critical…
Jan 5, 2024