Assalam u Alikum Everyone, it’s been a while since my last writeup. So here I am with another interesting finding. GraphQL Introspection is a feature of the GraphQL specification that allows clients to query information about a GraphQL API’s schema. …

Assalam u Alikum, it’s been a while I haven’t contributed to this wonderful community so I am back with a new write up about WebSocket which is fun to exploit. So first of all what is WebSocket? WebSockets allow the client/server to create a 'full-duplex' (two-way) communication channels, allowing the…

Hi Folks, hope you are all fine, so this writeup is about exploiting JSONP to extract private data from API endpoints and bypassing the security check by the server. JSONP is (JSON With Padding), JSONP was created to grant cross-origin read access to JavaScript, it acts as an exception to…

So you guys must be aware of CSRF attack, if not then here is a short intro: CSRF is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. CSRF attacks specifically target state-changing requests, CSRF attack can force the…

This writeup is about the CORS Misconfiguration by which I was able to perform a CSRF attack to change other users account Info. The target let’s just say it was named redact.com was sending a PUT request to the server for updating User Information like Address, Name, etc. An Origin…

In this writeup, I will talk about how I earned a total of $1800 by exploiting Clickjacking on pages where User sensitive information was disclosed, It was a private program on Bugcorwd. So there were some API endpoints, which were disclosing User Information like Credit Card Data, Email, Name, Phone…

This writeup is about how I was able to change other users account email with clickjacking. It was a private program on Bugcrowd. The Profile page of the site allows the user to change their email and there was no X-Frame Header on that page so the profile page can…

So here is another writeup about how I bypassed XSS filter and created a payload to get user credit card data. It was a private program on bugcrowd, let’s just say it was named Redact. Here is the URL https://www.redact.com/us/en/my-account/quotes?searchCriteria=QuoteID&amountOperator=equal&searchValue=XSS The parameter searchValue was reflected inside an input feild. So…

Hi, So this is my first write up, This write up is about how I was able to get into other users account, by stealing their cookies. It was a private program on bugcrowd, let’s just say the program was named Redact. I created my account on one of the…