Hacking Websites: Everything You Need to Know
Do you want to learn about Hacking Websites? Although you may not know how and where to learn about it, we will explore various ways to hack a website in-depth in this article. Disclaimer For … Read more
Social Engineering
Roadmap to Becoming a Red Teamer in 2023
What is Red Teaming Red teaming is a methodology we have for conducting cyber security assessments in which an organization conducts a simulated cyber attack on its own systems, processes, or personal networks. The purpose … Read more
Information disclosure vulnerabilities
Information disclosure vulnerabilities or Information Leakage is a web vulnerability we have, in which personal information on our website is exposed on the internet. This information could be users’ details, website-related files, or data that … Read more
5 Essential Tips to Keep Your Facebook ID Secure
In this article, we will study the security of Facebook in-depth and learn 5 Essential Tips to Keep Your Facebook ID Secure, so no one will be able to compromise or hack. your account I … Read more
Offline Password Cracking
We are continuing to discuss authentication vulnerabilities, and Offline password cracking is a part of authentication vulnerability. Today, we will give you a rough idea about the lab we will be solving. We exploit this … Read more
Prototype Pollution: Client-side prototype pollution in third-party libraries
Introduction to client-side prototype pollution in third-party libraries Client-side prototype pollution is a security vulnerability that arises when user input is allowed to modify the prototype of an object in unexpected ways, potentially leading to … Read more
Prototype Pollution: Client-side prototype pollution via flawed sanitization
Introduction to Client-side prototype pollution via flawed sanitization Client-side prototype pollution via flawed sanitization is a security vulnerability that can occur in web applications when the input validation process fails to properly check for prototype … Read more
Prototype Pollution: DOM XSS via an alternative prototype pollution vector
Introduction to the DOM XSS via an alternative prototype pollution vector Alternative prototype pollution vectors can be exploited to execute malicious code in a victim’s browser, leading to DOM-based cross-site scripting (XSS) attacks. This vulnerability … Read more
Prototype Pollution: DOM XSS via client-side prototype pollution
Introduction: What is DOM XSS and What are Prototype Pollution Attacks? DOM XSS is a type of web vulnerability where an attacker can inject harmful code into a website that’s viewed by other users. It … Read more
Publicly Accessible Localhost Service Free Cloud Service
Hello there, Masaud here. Today we will not talk about ngrok at all. In this article, I am going to teach you a completely new and unique method. After learning this method, you will definitely … Read more
Password reset poisoning via middleware
Password reset poisoning via middleware is a part of our authentication vulnerability where an attacker uses the password reset feature. The attacker captures the password reset request and modifies it by inserting their own link. … Read more
2-Factor Authentication broken logic | Web Security Academy
Introduction to the 2-Factor Authentication broken logic We have server-side vulnerabilities in our possession, which are essentially a part of authentication vulnerabilities. Due to the 2-Factor Authentication broken logic vulnerability, an attacker or hacker can … Read more
Username enumeration via subtly different responses
Introduction to the Vulnerability As we explore authentication vulnerabilities, we are faced with different challenges. This time, we will be exploring username enumeration again. However, sometimes developers do not give any clue in error messages … Read more
Advanced Bug Bounty Automation
Introduction Hey there, my name is Masaud Ahmad and today we are going to automate bug bounty hunting and web application pentesting from basics to advanced. This process requires the need for several tools and … Read more
Password Reset Broken Logic 2023
Password reset broken logic is a web vulnerability that is primarily categorized as an authentication vulnerability. If a website or application has a password reset broken logic vulnerability, then an attacker or hacker can exploit … Read more
2-Factor Authentication Simple Bypass
Today, we will study 2-Factor Authentication. We will learn how 2-Factor Authentication can be bypassed. Before bypassing 2-Factor Authentication, you should know what 2-Factor Authentication is. We are continuing our series on Authentication Vulnerabilities and … Read more
What Is Authentication Vulnerabilities
What is Authentication Before studying Authentication Vulnerabilities, it is important to understand the basic concept of Authentication. Authentication is a process where a user is required to verify their credentials before logging in to a … Read more