Pinned: API Security for Developers
Checklist for Developers for securing APIs
Dhanesh Dodia - HeyDanny in InfoSec Write-ups, Jan 23, 2023

Pinned: A tale of a full Business Takeover — Red Team Diaries
This story is going to be about a Red Team engagement conducted on a big fashion brand that is owned and run by a small family in India…
Dhanesh Dodia - HeyDanny in InfoSec Write-ups, Feb 11, 2023

Pinned: How I chained multiple CVEs & other vulnerabilities during a Red Team engagement — Red Team Diaries
The exploitation of Pulse VPN application to gain full control on the VPN server and pivot across the cloud infrastructure.
Dhanesh Dodia - HeyDanny in InfoSec Write-ups, Jul 25, 2022

Pinned: CVE-2022-32511 | Exploit | Remote Code Execution
Description:
Dhanesh Dodia - HeyDanny in InfoSec Write-ups, Jun 29, 2022

Pinned: Finding 0-days in Enterprise Application
A tale of ‘Site-wide Account Takeover’
Dhanesh Dodia - HeyDanny in InfoSec Write-ups, Jul 17, 2022

Best Security Practice for CI/CD Pipeline & DevOps Team | OWASP’s Top 10 CI/CD Examples & Solution
Secure Your CI/CD Pipeline: A Deep Dive into OWASP’s Top 10 CI/CD Security Risks with Practical Examples
Dhanesh Dodia - HeyDanny in InfoSec Write-ups, Aug 26

A Comprehensive approach for testing for SQL Injection Vulnerabilities
TL;DR
Dhanesh Dodia - HeyDanny in InfoSec Write-ups, Sep 6, 2023

OWASP API Top 10 — API Security
TL;DR — The blog covers code samples that highlight common vulnerabilities related to the OWASP API Top 10. This blog will cover each…
Dhanesh Dodia - HeyDanny in InfoSec Write-ups, Jul 14, 2023

Web Application Penetration Checklist
TL;DR
Dhanesh Dodia - HeyDanny in InfoSec Write-ups, Mar 29, 2023