Everything about CSP (Content Security Policy) and bypassing it Like a PRO!! - What is CSP? 🤔 Content Security Policy (CSP) is a security feature implemented by modern web browsers to prevent various types of attacks… (Aug 17, 2024)
Privilege escalation through insecure configuration. - First of all, let’s deal with the insecure configuration. To begin with, IT professionals often use manuals and resources like… (Jun 29, 2021)
Cracking JWT signature - I am testing an API that uses JWT for authentication. This JWT is signed HS256 to prevent modification. I figured that if I define the… (Jun 1, 2021)
Automate WordPress recon for Bug Bounty | WordPress: Cheat sheet - WordPress is a fairly large and complex product, with its own pros and cons, so there are a sufficient number of tools that allow you to… (Mar 23, 2021)
Bypassing WAF with incorrect proxy settings for Hunting Bugs. - Let’s Suppose the target system has the address-: (Feb 24, 2021)
Published in InfoSec Write-ups - Bounty Tip !! Easiest way to bypass API’s Rate Limit. - What is Rate Limit ? (Apr 14, 2020)
Published in InfoSec Write-ups - Bounty Tip: How to bypass authorization in SAML ! - Security Assertion Markup Language (SAML) is an open XML-based standard for exchanging authentication and authorization data between… (Apr 3, 2020)
Published in InfoSec Write-ups - Bounty Tip- Open redirection escalated further into an XSS !! - What is Open Redirection? (Mar 22, 2020)
Published in InfoSec Write-ups - Everything you want to know about IOT Security ! Simplified - The Internet of things is a network of devices that are connected to the Internet, controlled through it, and can exchange data with each… (Mar 19, 2020)
Published in InfoSec Write-ups - Bounty Tip : How to Push Injection through JSON/XML stubs for API - How to find vulnerabilities where no one has looked for them yet? (Mar 15, 2020)
Published in Cyber Verse - Got Easiest Bounty with HTML injection via email confirmation! - HTML injection is an attack very similar to Cross-site Scripting (XSS), whereas in XSS the attacker can inject and execute Javascript code… (Mar 11, 2020)
Published in Cyber Verse - Got *Bounty* with Account takeover (ATO ) Unicode-Case Mapping Collision ! - Hey hunters ! Recently I discovered a Unicode-Case Mapping Collision vulnerability on a private program. (Mar 5, 2020)
Published in Cyber Verse - How to create a Telegram-RAT (Remote Access Trojan)-2020 - There are a lot of hidden channels and bots with different illegal and piracy content. I can suggest you an article where some of these… (Mar 2, 2020)
Published in Cyber Verse - Dictionary For Hacking an active directory! - Collection Method - is the collection method to use. This parameter takes a comma-separated list of values. It has the following potential… (Jan 27, 2020)
Published in Cyber Verse - Earn Bounty !! with HTTP request smuggling attack. - HTTP request smuggling is an attack in which an attacker interferes with the processing of a sequence of HTTP requests that a web… (Jan 10, 2020)
Published in Cyber Verse - How to find IP and geographic location of the person with PHP scripting. - Are you interested in finding the geographic location of the person you are talking to? (Dec 30, 2019)
Published in Cyber Verse - Authentication Bypass — With X Path injection and SQL injection | CyberVerse - Authentication Bypass for sites and web applications is unauthorized access to the administrative section or sections of the site and… (Dec 27, 2019)
Published in Cyber Verse - Five easy steps to understand JSON Web Tokens (JWT) - JSON Web Token (JWT) Is a JSON object and it is considered one of the safest ways to transfer information between two participants. To… (Dec 21, 2019)