Mahmuduzzaman KamolEasily Capture Non-Proxy-Aware Android Application Traffic in BurpsuiteWhen it comes to web security testing, Burp Suite is an indispensable tool for many professionals. However, capturing traffic from…May 29May 29
Mahmuduzzaman KamolinAWS TipAWS S3 and Lambda Mini Project with LocalstackWhat is localstack?May 25May 25
Mahmuduzzaman KamolVelociraptor Deployment in DockerVelociraptor is a unique, advanced open-source endpoint monitoring, digital forensic and cyber response platform.Apr 1Apr 1
Mahmuduzzaman KamolHow to fix Host Header Injection with F5 iRuleWhile reviewing the ASV (Approved Scanning Vendor) assessment report of our server, a host header injection issue was detected within…Oct 17, 2023Oct 17, 2023
Mahmuduzzaman KamolExif Data to RCE!Exif data is embedded in digital photos, containing details like date, time, camera settings, and GPS coordinates. It helps photographers…Sep 20, 2023Sep 20, 2023
Mahmuduzzaman KamolAzure subdomain takeover step by step!Today I scanned some subdomain list via nuclei. I received a info like this:Aug 17, 2023Aug 17, 2023
Mahmuduzzaman KamolExposed .git to bitbucket account owner’s all repository access!During a investigation I found an open .git directory. So I can use GitTools to get the source code of the website. Simple Right?Aug 16, 2023Aug 16, 2023
Mahmuduzzaman KamolGraphQL API Hacking!Usually graphql endpoint are located at www.example.com/graphql.Jun 22, 20231Jun 22, 20231
Mahmuduzzaman KamolGenymotion — Proxying Android App Traffic Through Burp Suite in WindowsFirst install genymotion from here. Make sure to pick the version with virtualbox.Jun 20, 20231Jun 20, 20231