Published inSecureBitUnderstanding- Cyber Security Teams and RolesWant to get started in Cybersecurity but still confused about where to start? What role suits your interest and skill? What team to join in…Jun 10, 20211Jun 10, 20211
Published inInfoSec Write-upsUnderstanding & Identifying Insecure Deserialization VulnerabilitiesThis post explains the nitty-gritty of Insecure Deserialization Vulnerabilities. We will be covering basic understanding and…Apr 3, 2021Apr 3, 2021
Published inInfoSec Write-upsGetting started with XSS: Cross-Site Scripting AttacksLet’s get started with XSS, in order to get those critical bugs- CSRF, SSRF, RCE. Most of the time, an XSS flaw is the cause of a…Feb 13, 2021Feb 13, 2021
Published inInfoSec Write-upsExploiting Error Based SQL Injections & Bypassing RestrictionsIn this article, we will be learning how to escalate attacks when we are stuck with Error Based SQL Injections. Before diving in, let’s…Jan 17, 20211Jan 17, 20211
Published inInfoSec Write-upsIdentifying & Exploiting SQL Injection: Manual & AutomatedIn this article, we will start by Identifying the SQL Injection vulnerabilities & how to exploit the vulnerable application. Further, we…Dec 13, 2020Dec 13, 2020
Published inInfoSec Write-upsTesting for Directory or Path Traversal VulnerabilitiesIn this article, we’ll be discussing, how to perform Directory Traversal or Path Traversal attacks, aka “dot-dot-slash”, “directory…Nov 28, 20201Nov 28, 20201
Published inInfoSec Write-upsUnderstanding & Exploiting: Cross-Site Request Forgery — CSRF vulnerabilitiesCross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unintended actions on a web application in which they…Nov 7, 20202Nov 7, 20202
Published inInfoSec Write-upsIdentifying & Escalating HTTP Host Header Injection attacksThe purpose of the HTTP Host header is to help identify which back-end component the client wants to communicate with. Several…Oct 30, 20203Oct 30, 20203
Published inInfoSec Write-upsBreaking down — Command InjectionsCommand Injection or OS Command Injection is Remote Code execution vulnerabilities, where an attacker is able to exploit an unsanitized…Oct 18, 20201Oct 18, 20201
Published inInfoSec Write-upsServer-Side Request Forgery — SSRF: Exploitation TechniqueServer-side request forgery, or SSRF, is a vulnerability that allows an attacker to use a vulnerable server to make HTTP requests on the…Oct 10, 2020Oct 10, 2020
