Kaan Atmaca
Are VPN Servers Safe to Use?
Recent events have led many to wonder: is it safe to log in to social media platforms using a VPN?
Aug 6

Kaan Atmaca
SQL Injection: DB Breach & Secure Coding Practices
During my recent web application test, I identified a SQL injection vulnerability that exposed sensitive user data, including usernames…
Jul 21

Kaan Atmaca
CSRF leading to Account Takeover
Today, I’d like to share an account takeover I uncovered during my latest web penetration test. As is my routine, I began by familiarizing…
May 23

Kaan Atmaca
Exploiting XML Injection to Establish Unauthorized SSH Connection
Today, I’m thrilled to share my discovery of a critical vulnerability within a web application that ultimately led to unauthorized SSH co…
May 23

Kaan Atmaca
PDF Upload Leading to Stored XSS
Hello everyone, I want to share an interesting discovery from my latest penetration testing task. While exploring a web application, I…
Dec 5, 2023

Kaan Atmaca
Account Takeover via Business Logic
Hi! In a recent web pentest project by using business logic, I was able to bypass the one-time password, leading to an account takeover.
Oct 20, 2023

Kaan Atmaca
API Information Disclosure Leading to Admin Account Takeover
Hi everyone! In this project, my primary responsibility was to identify vulnerabilities in the website’s APIs. I’d like to share an…
Sep 18, 2023

Kaan Atmaca
OTP Bypass via Source Page Inspection
I will explain an OTP (One-Time-Password) Bypass I found during a website penetration test. Let's get into it…
Sep 18, 2023