yoshi m lutfiinInfoSec Write-upsSQL Injection in The HTTP Custom HeaderIt has been a long time since my last write-up. in this short write up I wanna share my last year's findings about SQL Injection that I…Jun 14, 20236Jun 14, 20236
yoshi m lutfiHow I found (P2) Broken Authentication with Zero Skill of HackingThis is a local bounty program in my country that I recently joined, I choose one of the programs and try to analyze it, this program runs…Dec 21, 20211Dec 21, 20211
yoshi m lutfiinInfoSec Write-upsByPass SSL Pinning with IP Forwarding | iptablesAfter struggling with common tools to bypass SSL pinning, because the app that I’m testing won’t show some HTTPS traffic that I try to…Dec 6, 20212Dec 6, 20212
yoshi m lutfiinInfoSec Write-upsBypassing OTP Verification for Changing PIN in Registered Mobile Banking Account.Assalamu’alaikum (Peace be upon you)Jul 25, 20211Jul 25, 20211
yoshi m lutfiAccount Take Over with HTTP Pollution Attack at Reset Password FunctionalityFirst of all, this is my first write up about finding or bug when I work as cyber security. and also I try to write this post with English…Jul 16, 20215Jul 16, 20215