Pinned. Published in InfoSec Write-ups. A Beginner’s Guide to Pentesting GraphQL APIs. GraphQL has gained immense popularity for its flexibility in API design. As a bug bounty hunter or pentester, understanding how to exploit… Jan 8
Published in InfoSec Write-ups. Escaping the Citrix Sandbox — Understanding Citrix Breakout. Hello security enthusiasts, and pentesters! 👋 Jul 14, 2024
Published in InfoSec Write-ups. Checklist for Forgot Password functionality. Hello hackers! It’s been a long time. Today, we will delve into a small curated checklist for Forgot password functionality. Security… Jun 26, 2024
Navigating the Dark Web: Unveiling Leaked Credentials and Safeguarding Your Online Security. The internet comprises different layers — the clear web, accessible via mainstream search engines like Google or Bing, and the… Dec 29, 2023
Published in InfoSec Write-ups. Is it safe to expose your Firebase API key? “Is it safe to expose your Firebase API key?” In short, yes. The Firebase API key mainly helps Google servers recognize your project and… Dec 9, 2023
Published in InfoSec Write-ups. Testing vulnerabilities beyond traditional cases — around login/signup features. Hey there, fellow hackers and bounty hunters! Today, we’re diving into some nifty techniques to poke around login, signup, and… Dec 8, 2023
Published in InfoSec Write-ups. Mastering API Penetration Testing: A Comprehensive Guide for Security Pentesters. Understanding API Penetration Testing: Nov 29, 2023
Published in InfoSec Write-ups. CVSS 4.0: Unveiling the Vulnerability Scoring System. In the world of cybersecurity, understanding the severity of vulnerabilities is crucial. This is where CVSS (Common Vulnerability Scoring… Nov 6, 2023
Published in InfoSec Write-ups. The Art of Google Dorking for Recon. Hey there, fellow bug hunters and curious minds! Nov 5, 2023
Published in InfoSec Write-ups. WeChat and Baidu Super-apps: Uncovering the Authentication Secret Leakage Problem. Hello, everyone! Continuing from our previous discussion about “What mini-apps are,” if you haven’t had a chance to read that article yet… Oct 18, 2023