Automating Subdomain Takeover Discovery with Shell Scripting
Subdomain takeovers occur when an attacker gains control over a subdomain that is still pointing to an unused or unclaimed external…
Mar 19

Active Reconnaissance | TryHackMe (THM) | With Details Writeups
Active reconnaissance is a phase in the penetration testing or hacking process where the attacker or security tester directly interacts…
Jan 11

My Second Bug: XSS(self) on Comment Box
Hi Bug Hunter, Today, I am writing about my second bug discovery on VDP (Vulnerability Disclosure Program). My First Bug was XSS via HTML…
Sep 19, 2024

Bypass Brute-force IP Block
In bug bounty, sometimes we are stuck by the target login page when we attempt too many invalid usernames or passwords. Most of the time…
Aug 25, 2024

Status Codes You Have to know as a Bug Hunter
Particularly for web application testers, HTTP status codes are important for application security. After collecting subdomains, you must…
Jun 29, 2024

5 Common Methods to Bypass OTP Authentication in Bug Hunting
An authentication bypass vulnerability is a weakness in a system that’s supposed to check who a user is. It allows attackers to slip past…
Mar 20, 2024

SQL injection attack, listing the database contents on non-Oracle databases
Step 1: Go to the product category to ensure whether this is SQL injection vulnerable or not. If it shows ‘Internal Server error Or HTTP…
Aug 11, 2023

Some Basics of SQLi
Some of the common SQLi commands which are important to perform SQL injection attack:
Aug 1, 2023

My CTF Starting 001
When I started my journey, I was very confused. I was waiting for a long time to get a proper guideline. Today I am sharing with you…
Aug 1, 2023