Hey Everyone! Let’s learn something new as it is going to be fun learning today. Lets assume that the testing domain is “www.example.com” and it has the functionality to Sign-In/Register accounts. Step 1: Register two accounts (Attacker: vamp9006 Victim: vamp8896) on the application using the register functionality.

PowerShell Script Analyzer, also known as PSScriptAnalyzer, is a static code analysis tool (SAST tool), which examines the PowerShell written code and evaluates it for various machine-measurable best practices. The module accomplishes this through rules, each of which defines a best practice and tells the engine how to scan for…

Hey Folks! Thanks for your responses on my last blog. Let’s learn something new today as it is going to be damn interesting one. If you have been into web application Pentesting you must have encountered or got stopped by Cloudflare for sure. Cloudflare secures and ensures the reliability of…

Hey everyone! This bypass is little bit interesting and you will get to learn a lot hopefully. So I was going through this website which actually deals with teacher’s login and education stuff (Government website). Let’s call this website “example.com”.

I would love to call them Frauds instead of hackers because they are using cheap social engineering tricks to manipulate naïve people and taking over their account. I’m damn sure that you all have encountered frauds over the internet. I have recently encountered one of the scenario which I would…

Hey Everyone! This is about another low-hanging fruit (I’m still not a pro) in one of the web applications listed by OpenBugbounty. For those of you who don’t know about OpenBugBounty, it is a responsible disclosure platform that allows independent security researchers to report XSS and similar security vulnerabilities on…

Hey Everyone! This is my second write-up and I have successfully caught another low-hanging fruit in one of the prominent online reseller’s web applications (Cannot disclose the name of the website, the issue is not resolved yet). I was exploring this web application manually which is running a self-hosted vulnerability…

Hey Everyone! I have recently started my vulnerability disclosure journey and this is my first write-up (many more to come. PS: Pray for me ). Instead of directly jumping into Bug bounty platforms I was looking for targets (Mostly the low hanging fruits to boost my confidence) through google dorks…

When it comes to data security, every minor detail is considered to be very important. In our daily life, we may be following some guidelines to protect our Digital private information on the various online platforms but the same awareness has faded away when it comes to the security of…