How I Found a High-Severity IDOR Without Using Any Proxy Tools, by Yusuf (1d ago). Hello everyone, I’m Yusuf. Today, I will share how I found a high-severity IDOR using nothing more than my tablet pad without any proxy…
Intercepting Thick Client TCP and TLS Traffic, by Sourav Kalal in InfoSec Write-ups (3d ago). Intercepting and analysing the traffic is one of the important parts of the pentest, whether it’s a mobile, web or desktop application. On…
[Guide] Crafting a neat and valuable bug bounty report, by pm (2d ago). Tips for becoming a report connoisseur
How I Found a Simple but Impactful Web Cache Deception (WCD) Vulnerability, by Yusuf (Aug 29). I’m Yusuf, an AppSec enthusiast and bug hunter. Today, I’ll be sharing a short write-up of one of my findings, purely for educational…
Secure Coding : Path Traversal ( os.path.join, by Siddiquimohammad (20h ago). Modern microservices often expose APIs for downloading reports, logs, or documents.
TLS and OAuth2 — Client Authentication, by Sagara Gunathungam (Apr 25). Whenever we hit a website or web application, we simply trust the browser to verify its authenticity and establish a secure, encrypted…
Invisible Security Layers in PHP That Kill Most Attacks Instantly, by Asian Digital Hub in DevSphere (19h ago). Hackers aren’t always looking for the big, cinematic breach. More often, they’re poking around for the lazy gaps - the missed validation…
Bypassing Meta’s Llama Firewall: A Case Study in Prompt Injection Vulnerabilities, by sockpuppets in Trendyol Tech (Jul 11). How we bypassed Meta’s Llama Firewall in real-world tests at Trendyol