Pinned | Vipul Jain | Insufficient blacklisting of dangerous file types, File Upload Vulnerability series (Part 3b-II) | Obfuscating file extensions to by-pass blacklist of files | Jul 31
Pinned | Vipul Jain | Insufficient blacklisting of dangerous file types, File Upload Vulnerability series (Part 3b-I) | By-passing defense mechanism for file upload vulnerability | Jul 29
Pinned | Vipul Jain | Brute-forcing secret keys, JWT Series (Part 3) | Solving web security academy lab | Apr 17
Vipul Jain | Circumventing common SSRF defenses, SSRF series (Part 2b) | Bypassing SSRF filters via open redirection | Sep 17
Vipul Jain | Circumventing common SSRF defenses, SSRF series (Part 2a) | SSRF with blacklist-based input filters | Aug 12
Vipul Jain | Introduction to server-side request forgery and common attacks, SSRF series (Part 1b) | SSRF attacks against other back-end systems. | Aug 8
Vipul Jain | Introduction to server-side request forgery and common attacks, SSRF series (Part 1a) | Introduction to SSRF and common attacks | Aug 5
Vipul Jain | Exploiting flawed validation of file uploads, File Upload Vulnerability series (Part 3a) | By-passing defenses against file upload vulnerability | Jul 25
Vipul Jain | Exploiting unrestricted file uploads to deploy a web shell, File Upload Vulnerability series (Part… | Deploying web shells, executing arbitrary commands on a server | Jul 22
Vipul Jain | Introduction to File Upload Vulnerability and web shells (Part 1) | What are file upload vulnerabilities? | Jul 20