How I found Blind SQL Injection just by browsing and getting a unique URL




SYNACK Red Team Member.

Love podcasts or audiobooks? Learn on the go with our new app.

Recommended from Medium

API Trading Contest Goes Live - 100,000 USDT to be Won

Creating a Cinema Simulator Using Python

Crown Development Update 16. Sept

SRE / DevOps / Kubernetes Weekly Collection#71(Week 23, 2021)

Best Cross-Platform Development with Flutter

NEST — HackTheBox WriteUp

Installing pytorch and tensorflow with CUDA enabled GPU

SRE / DevOps / Kubernetes Weekly Collection#8(Week 13)

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Jawad Mahdi

Jawad Mahdi

SYNACK Red Team Member.

More from Medium

IDOR with Autorize!

Interesting Stored XSS

[ Directory Traversal attack ] How did I find it using GitHub

IDOR vulnerability on invoice and weak password reset leads to account take over