OneHackManExploiting XML External Entity (XXE) InjectionsXXE injection is a type of web security vulnerability that allows an attacker to interfere with the way an application processes XML data…Jan 4, 20203Jan 4, 20203
OneHackManLearning XSS: Part 2 — Stored XSSI’ve made it through the XSS chapter of Portswigger’s Web Security Academy, which I highly suggest. It has helped me a lot to understand…Dec 30, 20191Dec 30, 20191
OneHackManSharing files between Host Machine and VM with ONE commandOne command to improve your lifeDec 24, 2019Dec 24, 2019
OneHackManLearning XSS: Part 1 — Reflected XSS (Brief Concept, Techniques, Challenge Walkthrough)This is going to be a long series of posts on Cross Site Scripting. I have had some experience with it in the past but I would be lying if…Dec 17, 20192Dec 17, 20192
OneHackManCross Site Request Forgery: TechniquesIn my last post on CSRF I discussed the basics of the attack and offered, what I think is, a great analogy for anyone who has a tough time…Dec 9, 2019Dec 9, 2019
OneHackManCross Site Request Forgery (English)Information inspired from Real-World Bug Hunting. A fantastic book to get into web hacking/bug huntingDec 8, 2019Dec 8, 2019
OneHackManHTTP Parameter Pollution (Español)Información del libro “Real-World Bug Hunting”. Un libro fantástico aprender más sobre la piratería informática y bug hunting.Nov 28, 2019Nov 28, 2019
OneHackManHTTP Parameter Pollution (English)Information inspired from Real-World Bug Hunting. A fantastic book to get into web hacking/bug huntingNov 28, 20191Nov 28, 20191