Understanding Request Smuggling: A Hidden Web Vulnerability (K-Edition): What is Request Smuggling? (Jul 4, 2024)
Bypassing Cloudflare’s WAF! Before skipping through this write-up and looking for the final payload — be sure you understand what you read. Lots of you just copy and… (Feb 19, 2022)
Reflective XSS via search box [Bypassing Cloudflare WAF]. On August 1, 2021 I decided to hunt a program on HackerOne — Redacted. (Aug 25, 2021)
The Most Basic CSRF! This guide or explanation or however you want to call it is very simple. I will explain how to perform such an attack in this guide. (Dec 2, 2020)
Subdomain takeover [Awarded $200]: The story is simple, the reward was “alright”. Let’s start. ^_^ (May 7, 2019)
XSS Through SWF file! First off, I’d like to say thank you to everyone who’s followed and helped me learn different target points and attacks for web testing. (Jan 18, 2019)
Two subdomain takeovers on website Calm! I was searching this website http://calm.com using Sublist3r and I noticed that two of their subdomains were using Shopify that were no… (Nov 21, 2018)
Reflected XSS in Realgm. A little back story to why I was “hunting” this website in the first place. (Sep 7, 2018)
XSS at Hubspot and XSS in email areas. For those asking me what this Tweet and this Tweet is about — then I will be explaining it here in detail as much as possible. (Aug 13, 2018)
Self XSS leads to blind XSS and reflected XSS. In regards to this tweet: https://twitter.com/Skeletorkeys/status/1026497897871884289 (Aug 6, 2018)