Hello there, hackers. I hope you’re doing well and catching a lot of bugs and dollars! So, for today, I’m here with a comprehensive methodology for recognizing account takeover. What is an Account takeover? ATO or Account Hijacking is a kind of Attack, which allows an unauthorized user to gain…

Hello Hackers, Hope you guys Doing well and hunting lots of bugs and Dollars ! well, so for today we are going to talk about CSRF, some relevant bypasses, Impact and mitigation. What is Cross site request forgery ? CSRF stands for cross site request forgery. CSRF is an attack…

Hello Hackers, Hope you guys Doing well and hunting lots of bugs and Dollars ! Well, so for today I’m back with one of my recent findings. Which I would like to share with you guys. That is OTP bypass with response manipulation techniques. What is response manipulation? Response manipulation…

Hello Hackers, Hope you guys Doing well and hunting lots of bugs and Dollars ! I always prefer to hunt bugs on file upload functionality on any web application. Vulnerabilities in file uploads will generally give you high severity bugs and it is not too secure at the time. …

Hello Hackers, Hope you guys Doing well and hunting lots of bugs and Dollars ! well, so for today we are going to talk about a very hot topic which is Multi-factor Authentication. Before jumping to this topic let’s understand some basic ideas about MFA. What is Multi-factor Authentication? This…

Hello Hackers, Hope you guys Doing well and hunting lots of bugs and Dollars! For today we are going to talk about some web security vulnerability, which occurs on password reset functionality. …

Hello Hackers, Hope you guys Doing well and hunting lots of bugs and Dollars ! we have already discussed XSS in our previous article “All about XSS “. So let me introduce you to another way of finding XSS which can occur via a file upload. A file upload is…

Hello Hackers, Hope you guys Doing well and hunting lots of bugs and Dollars ! Well, let’s start and learn about Information disclosure and methodologies to find them. What is Information disclosure ? Information disclosure is when a web application fails to properly protect confidential information, which causes revealing sensitive…

Hello Amazing Hackers, Hope you guys Doing well and hunting lots of bugs and Dollars ! Well, let’s start and learn about cross-site scripting attacks and methodologies to find them. What is cross-site scripting (XSS) Cross-site scripting (XSS) is one of the most popular vulnerabilities in today’s web applications. This…