Fahad Abdullah | Detecting Hidden Vulnerabilities: Access Token Leakage in Android Applications | During a recent Android penetration test, I uncovered a significant access token leakage vulnerability that bypassed static analysis tools… | Aug 15
Fahad Abdullah | Broken Authentication and Session Management: A Case Study of an Overlooked Vulnerability | In the world of cybersecurity, even minor oversights in authentication and session management can lead to significant vulnerabilities… | Aug 8
Fahad Abdullah | Bug Bounty Made Easy: Essential Tips for Finding Vulnerabilities | Embarking on a bug bounty journey can be both exciting and challenging. To streamline your efforts and maximize your chances of discovering… | Jul 31
Fahad Abdullah | Web application penetration testing methodology that you should adopt | 1: Subdomain Enumeration: We often skip subdomain enumeration, and that may make you miss an easy catch. Subdomain enumeration helps you out… | Jul 31
Fahad Abdullah | Exploiting Broken Authentication Vulnerabilities: A Deep Dive into Bypassing OTP Verification and… | Broken Authentication vulnerabilities pose significant security risks in web applications, often leading to account takeovers and… | Jul 29
Fahad Abdullah | Common DoS Vulnerabilities and How to Fix Them | Every organization wants to have defenses against DoS (Denial of Service) upfront and is ready to invest in minimizing the impact in case… | Jul 15
Fahad Abdullah | Comprehensive Mobile Apps Vulnerability Assessment & Penetration Testing Project | In this post, I will walk you through a detailed account of a comprehensive Vulnerability Assessment and Penetration Testing (VAPT) project… | Jun 11
Fahad Abdullah | AWS Cloud Infrastructure Pentest Writeup: A Deep Dive | This writeup provides a detailed account of penetration testing (pentest) against the vulnerable AWS cloud infrastructure, highlighting the… | Feb 8