Today, we will be discussing how to exploit DOM-based XSS through Misconfigured Postmessage function. Two sites can communicate with each other only when they have the same protocol, hostname, and port. If the two sites do not have similar properties mentioned above, it will trigger the Same Origin Policy There…

What is PDFReacter? - PDFReacter is a parser which parses HTML content from HTML to PDF. While testing an application I have identified that an application is using the PDFReacter parser. PDFReacter is a formatting processor that parses the HTML content to PDF files.so Since an application has an option…

One day I was playing with a tool debookee (Network Traffic Interception) in the office, I noticed that the tool was intercepting facebook cookies in a plain text. What is Debookee? Debookee is able to intercept and monitor the traffic of any device in the same subnet, thanks to a…

While testing an application, there was a module “Delete User” in which an admin can delete any user. If you notice in the request, there is no CSRF Token/Protection implemented into delete user request. This was very easy CSRF that an attacker can send the form to admin and can…

Hi all, Today I am writing a blog about on a recent finding on HackerOne’s one of the program. I was looking for IDORs in an application so I started fuzzing each and every request of an application, I got mentioned request POST /api-2.0/s3-upload-signatures HTTP/1.1 Host: www.example.com User-Agent: Mozilla/5.0 (Macintosh; Intel Mac…

Hi everyone, After completing my OSCP certification I thought to give a try to bug bounty, as OSCP has sharpened my exploitationSkills. I will use lol.com to represent an application as can not disclose the website’s name. While i was enumerating an application i got a domain which was basically…

I’ll be using victim.com as a site name in the article as i cannot disclose the name.It was a normal day and i was looking for some good internet plans as my current plan was ended. while i was checking the internet plans, my browser was hooked up with burp…

while i was testing the web application i have found self xss. which has no impact. but i wanted to exploit this vulnerability, so have started thinking that how can i exploit this self xss, and then i have decided to chain the self xss with some other vulnerability. so…

lets start with Cross Origin Resource Sharing. Below is the figure that how CORS works. i was hunting on a private site, at the content discovery time i was noticing every single requests and responses, at that time i have noticed that the application is using “Origin” header in the…