Server Side Request forgery — Hey Guys welcome to my blog so today we going to discuss about SSRF vulnerability which is critical/high severity in bug bounty and I going to explain some testing methodologies to find the SSRF quickly and finally end up with a basic SSRF portswigger lab Instead of being a noob…

Insecure Direct Object reference — Hey Guys welcome to the blog today we are going to discuss one of the easiest vulnerabilities to understand which is IDOR and It has a high/critical impact on bug bounty So in this article we going to discuss Testing for IDOR and some bypassing techniques for IDOR finale we…

Bypass CSRF Protection technique — Hey, Guys welcome to my blog so today we are going to discuss about bypassing CSRF the Same Site cookie Protection. …

Bypassing the Referer-Based Header — Hey Guys Welcome to my blog so today we are going to discuss about the bypassing technique of CSRF referer-based defense Checking the referer header protects against CSRF because these headers help servers filter out requests that have originated from foreign sites. Confirming a CSRF vulnerability like this can help…

CSRF ( Cross-site Request Forgery ) — Hey guys welcome to my blog so today we are going to discuss about CSRF protection bypass and in previous I discussed about CSRF attacks and finding CSRF vulnerability so please check out the below article What is CSRF: https://evilox.medium.com/explanation-of-csrf-cross-site-request-forgery-bc6a5042bcbf Finding CSRF: https://evilox.medium.com/unmasking-basic-csrf-bug-hunter-5003dbe44466

Cross-site Request forgery — Hey, guys welcome to my blog so today we are going to discuss about CSRF vulnerability which is probably medium/low severity and we are going to solve the basic portswigger lab of CSRF finale we end up with some common defenses against CSRF “Application security prioritizes impact over bug classification.!!” …

Explain Cross-Site Request Forgery — Hey Guys Welcome to my Blog Today we going to discuss about CSRF vulnerability which is probably medium / Low and sometimes it is out of scope / not applicable to log-in and Logout functionality I will say why this is not acceptable for this function and finale we discuss…

Directory traversal Bug — Hey Guys so today in this blog we going to discuss path traversal vulnerability which has a very high impact on bug bounty and we going to see some lab exercises in the portswigger lab What is Path Traversal? Path traversal or directory traversal allows the attacker to read the file or directory from…

Forgot Htb Writeup — Hey, Guys Welcome to My Blog So Today We are going to discuss about Forgot Hack the box machine And Before going to the writeup if you like this please follow up my profile and give applause to this article because it literally motivate me post more writeup UserFlag: This machine…