Pinned | Majix | Account Takeover via Weak Reset Token Entropy | Diving into how entropy can affect the security of reset tokens and may lead to account takeovers. | Jul 9
Pinned | Majix | Stored XSS to Account Takeover (AWS Cognito) | Hello again! Today, I want to discuss a recent finding from my penetration test. We’ll examine how AWS Cognito handles data insecurely and… | Jun 6
Majix | Getting Into Cybersecurity: A Roadmap | Hello everyone! Typically, I share content about bugs and findings from my pentests. However, after accumulating some knowledge in this… | Jun 20
Majix | Advanced Web Cache Poisoning | In my recent blog post, I briefly explained the concept of a web cache poisoning (WCP) attack. In this entry, we will delve deeper into how… | May 31
Majix | A basic Android Pentest Lab Setup | Creating a basic Pentest Lab for Android applications | May 19
Majix | Reflected XSS via Cache Poisoning | Uncovering Reflected XSS Vulnerabilities through Caching Mechanisms | May 16
Majix | User Enumeration in the login process | Two ways to enumerate users during the login process | Jan 141