Penetration Testing

Good day, everyone! This is my second article, this time on DOM XSS. An open redirection vulnerability was escalated to DOM XSS. If you haven’t already, please read my previous blog about Reflected XSS. My introduction: I am Mohamed Dhanish, Security Researcher. I’ve been studying, practicing, and learning Bug Bounties…

Recently, I’ve been learning more about Active Directory and how it is used in today’s modern networks. This article attempts to provide a general overview of Active Directory basics and utilizes the TryHackMe room titled “Active Directory Basics”, created by the user Cryillic, to get some hands-on experience with the…

Every tech company has ventured into creating online or digital platforms for their brand to better connect them to their consumers and provide a more effective and convenient transaction between their clients. It is crucial for development teams to ensure that every web application they produce is thoroughly checked to…

Folks, for those of you who didn’t know, I absolutely have a blast every-time I have to perform web app testing; because the way to exploit insecure designs are always different from one client to another. I recently wrapped up a testing engagement, and was able to discover a high…

สวัสดีค่ะ ตอนนี้กำลังอยู่ในช่วงเปลี่ยนสายงานจาก Web Dev, Marketing, Content Writer, Accounting, Project-co, Project Manager ก็คือเหมาทำมาหมดแล้ว ถึงคราวที่เราจะหวนคือสู่สังเวียนไปเป็น White Hacker แล้ว!! หรือที่เรียกว่า Penetration test หรือ Pentest ตามที่ทุกคนรู้จักกันดีค่ะ 😘 เรามาเริ่มจากการศึกษาช่องโหว่แบบต่างๆ กันก่อนเลยดีกว่าจากโดยเริ่มจากการศึกษาช่องโหว่ต่างๆ จากเว็บ Owasp top 10 โดยจะเริ่ม Web application กันก่อนค่ะ

Cyber Security Education Level: Easy Challenge: Emdee five for life by Hack the box (HTB) A very easy challenge by HTB — Emdee five for life — that shows why programming is crucial for basic challenges in cyber security. This small entry challenge tells you how to do web requests…

Do you remember the first time you learned how to use cut/copy/paste functions? I can’t say I remember specifically for myself (because old), but earlier in my career, I spent a lot of time training people of all levels on using computers and software. In some cases, I would work…

I start usually by updating the hosts file on my computer, in order to make accessing the machine easier without the need of typing the IP address each and every time. If you are not able to do it, you can just keep using the ip address through out the…