Remote Code Execution via Cookie Manipulation
Remote Code Execution (RCE) is a common vulnerability, often stemming from file upload functionalities where users upload PHP files that…
Dec 27, 2024

SSRF Leads to AWS EC2 Compromise and Account Takeover
SSRF vulnerabilities can pose significant risks, as they often allow attackers to interact with internal systems that are not directly…
Nov 26, 2024

Understanding Request Smuggling: A Deep Dive into HTTP Exploits
Get an overview of this attack with real examples and dive deep into understanding every aspect.
Sep 27, 2024

Chowkidar: Your Digital Pehredar
Hello everyone, I am excited to introduce Chowkidar, a platform designed specifically for security enthusiasts and researchers in the field…
May 20, 2024

The Art of Access: Privilege Escalation through Multiple Methods
Most of you are familiar with privilege escalation attacks. For those who are not, it’s an attack where a user with limited privileges…
Feb 23, 2024

What Vulnerabilities We Get from a File Upload
Lately, I’ve transitioned my preferred vulnerability testing focus from user input to examining the upload functionality. This shift…
Jan 13, 2024

Lab setup for Vulnerability Assessment and Penetration Testing
Over the years, I have dedicated myself to testing and exploring more efficient tools and scripts to simplify the process of initiating…
Jan 7, 2024

How I got my first RCE
As a penetration tester, the task of uncovering all vulnerabilities can be quite challenging. Clients expect to identify numerous critical…
Jan 5, 2024