Dhanesh Dodia - HeyDanny in InfoSec Write-ups | API Security for Developers | Checklist for Developers for securing APIs | 4 min read · Jan 23, 2023
Dhanesh Dodia - HeyDanny in InfoSec Write-ups | A tale of a full Business Takeover — Red Team Diaries | This story is going to be about a Red Team engagement conducted on a big fashion brand that is owned and run by a small family in India… | 5 min read · Feb 11, 2023
Dhanesh Dodia - HeyDanny in InfoSec Write-ups | How I chained multiple CVEs & other vulnerabilities during a Red Team engagement — Red Team Diaries | The exploitation of Pulse VPN application to gain full control on the VPN server and pivot across the cloud infrastructure. | 6 min read · Jul 25, 2022
Dhanesh Dodia - HeyDanny in InfoSec Write-ups | CVE-2022-32511 | Exploit | Remote Code Execution | Description: | 2 min read · Jun 29, 2022
Dhanesh Dodia - HeyDanny in InfoSec Write-ups | Finding 0-days in Enterprise Application | A tale of ‘Site-wide Account Takeover’ | 3 min read · Jul 17, 2022
Dhanesh Dodia - HeyDanny in InfoSec Write-ups | A Comprehensive approach for testing for SQL Injection Vulnerabilities | TL;DR | 4 min read · Sep 6, 2023
Dhanesh Dodia - HeyDanny in InfoSec Write-ups | OWASP API Top 10 — API Security | TL;DR — The blog covers code samples that highlight common vulnerabilities related to the OWASP API Top 10. This blog will cover each… | 8 min read · Jul 14, 2023
Dhanesh Dodia - HeyDanny in InfoSec Write-ups | Web Application Penetration Checklist | TL;DR | 5 min read · Mar 29, 2023
Dhanesh Dodia - HeyDanny | Supply Chain Security — Poisoning Supply Chain Ecosystem | Analysis of malicious package teleterm | 2 min read · Dec 28, 2022