Kristof Riebbels · kriebbels.hashnode.net · Mar 26, 2023 · Featured
The hidden dangers of JSONs: Hunger silenced
Previously on... In my previous blog post, I wrote about deserialization attacks and how to prevent them. I ended the post with a section called Hunger. There I stated I still doubted the link between JSON inside a string property and when the valida...
38 likes · 589 reads · Security · json
Aditya Dixit · allthingssecurity.hashnode.net · Dec 3, 2022
Manipulating AES Traffic using a Chain of Proxies and Hardcoded Keys
Overview Mobile applications are becoming more resilient to reverse engineering and tampering with all kinds of client and server-side protections, binary hardening, code obfuscations, SSL pinning, etc which makes it that much more difficult for good...
20 likes · 4.6K reads · Security
Chioma Ibeakanma · chiomaibeakanma.hashnode.net · Jul 7, 2022
JANGOW: 1.0.1 Walkthrough | Vulnhub
Jangow is a box on Vulnhub that is centered on enumeration. Enumeration is a very important step in penetration testing. Enumeration is a process in pentesting where you establish an active connection with the victim and try to discover as many attac...
15 likes · 1.1K reads · Vulnhub Walkthroughs with Chioma Ibeakanma · CTF
marcos albano · automateops.hashnode.net · Apr 21, 2023
How To Become A Pentester
Hi, pentesters! If you are new in this field, chances are that you struggle to find a kind of road map to get into this amazing field, but don't worry, you came to the right place. I'll show you some of the most basic tools that you need to master to...
pentesting
Zeyn · zeyn.hashnode.net · Apr 3, 2023
CTF - Mustacchio (THM)
Enumeration Port Scan For the port scanning part, I use a tool I developed that simply lets me run an nmap scan faster. ┌──(root㉿kali)-[~/thm] └─# nmaped 10.10.0.139 Starting Nmap 7.93 ( https://nmap.org ) at 2023-0...
CTF
Mạnh Đình Nguyễn · ndmcyb.hashnode.net · Apr 2, 2023
Bounty in just 5 minutes through IDOR
Hello Bounti-ers, Here is an easy finding which I want to share... After I recon with my custom bash, as normal, scan first and manual at the same time. While waiting for the scanning to end, I actively seek all test case logic in my target. Sign up ...
1 like · security testing
The Chief - Omar · chiefomar.hashnode.net · Apr 1, 2023
The Week That Was... phew
Bismillah I don't remember exactly whose YouTube Video it was but someone mentioned that to learn Bug Bounty, Pentesting, and Red teaming, practice is key. The past two weeks have been constituted of a large amount of Pentesting theory and a substant...
bugbounty
The Chief - Omar · chiefomar.hashnode.net · Mar 27, 2023
Burp Suite-s me
Bismillah In today's work, I learned how to use the various Burp Suite Tools. What is Burp Suite? Burp suite is a software platform that contains multiple tools that are helpful in vulnerability scanning, penetration testing, understanding, and secur...
pentesting
Tanvir alam shaan · shaan1.hashnode.net · Mar 23, 2023
Get Quality Service with my Fiverr Gig
As a professional cyber security specialist and OSINT expert with over 6 years of experience, I know how important it is to protect your website from cyber threats. That’s why I offer a range of services that help safeguard your website from hackers ...
2 likes · #cybersecurity
The Chief - Omar · chiefomar.hashnode.net · Mar 21, 2023
Decisions, Decisions: Jr. Pentester vs. Jr. Security Analyst?
Bismillah More often than not, we arrive at crossroads and are faced with a choice to make. In a grocery store, do we pick coconut oil or vegetable oil? Do we go for the latest Mercedes Benz or the latest BMW in a car yard? And for me in cyber securi...
pentesting
Alex Humado · vulnresearch.hashnode.net · Mar 18, 2023
Pentesting Frameworks And How They Work - A Dive Into Web And Mobile App Pentesting.
Hey everybody, welcome back to the series. Today, we will be taking a deep dive into the world of what a real pentest engagement looks like and the processes involved. We will also look at how the process looks regarding mobile. During mobile app pen...
Mobile Application Pentesting Series (MAPS) · Mobile apps
H02 for Night Wolf Team · namhabach-1675304502192.hashnode.net · Mar 18, 2023
0-day vulnerabilities at Sitecore PageDesigner
Sitecore is one of the leading enterprise-level content management systems built on ASP.NET, enabling web content editors and marketers to have full control over all aspects of their website from social integration and blog posts to advanced personal...
34 reads · 0day