HackthePlanetArrested for hacking? Read this.Here’s a brief (non-lawyers) outline of some legal defences you should know from history, procedures to follow, and hopefully remain a free…Jun 13Jun 13
HackthePlanetHacking the Deep Web[Part:0]: Discovering the real IP addresses of .onion sitesAs well as being a huge fan of TOR and its technical implementation, I also love hacking tor-based sites (Disclaimer: with permission of…Jun 10Jun 10
HackthePlanetBug Bounty Platforms are a Scam [Mostly]I know the title of this blog post may sound vitriolic or even bombastic. However, I do feel that it’s justified — stick with me for a few…Mar 1727Mar 1727
HackthePlanetHacking APIs — vAPI [api7] Walkthrough {Security Misconfiguration}Hello again friends. I’ve decided to add a walkthrough for each of the vAPI challenges. This is the walkthrough for Api 7 — Security…Jan 4Jan 4
HackthePlanetHacking APIs — vAPI [api6] Walkthrough {Mass Assignment}Hello again friends. I’ve decided to add a walkthrough for each of the vAPI challenges. This is the walkthrough for Api 6— Mass Assignment.Jan 21Jan 21
HackthePlanetHacking APIs — vAPI [api5] Walkthrough {BFLA}BFLA is very closely related to BOLA in the sense that user access controls are not strictly enforced which leads to exploitation. The…Jan 1Jan 1
HackthePlanetHow Malaysia can solve Cyber Security in 3 steps (by a hacker)Although the title of this blog is based on Malaysia, a country I have spent almost a decade visiting (which you should visit too, even if…Dec 29, 2023Dec 29, 2023
HackthePlanetBug Bounty Chronicles: an SQL death spiralTLDR: On my first bug bounty program I spent a week chasing down what looked like an sql injection bug, only to have no sleep and no…Sep 9, 2023Sep 9, 2023
HackthePlanetHacking APIs — vAPI [api1] Walkthrough {BOLA}Hello again friends. I’ve decided to add a walkthrough for each of the vAPI challenges. This is the walkthrough for Api 1 — Broken Object…May 28, 2023May 28, 2023
HackthePlanetHacking APIs — vAPI [api9] Challenge WalkthroughAs someone who loves hacking APIs and is currently working through vAPI— I ran into a few stumbling blocks on challenge — API 9. So, I am…Mar 27, 2023Mar 27, 2023