Hacking AWS Cognito Misconfiguration to Zero Click Account Takeover Hi all, hope you are keeping well and staying safe. This blog is about my recent Account Takeover fi... 2022-2-14 13:35:18 | 阅读: 167 | 收藏 | infosecwriteups.com cognito victim accesstoken amz idp

Server-Side Request Forgery to Internal SMTP Access SMTP is a network protocol to send email from the sender’s SMTP server to the email recipient’s SMTP... 2022-2-10 00:59:40 | 阅读: 193 | 收藏 | infosecwriteups.com payload ssrf 587 smuggle php

Everything you need to know about clickjacking Log in the application with the given credentials.If we go to Account actions, we can delete our acc... 2022-2-10 00:59:14 | 阅读: 14 | 收藏 | infosecwriteups.com security ancestors client sameorigin

Shodan.io — TryHackme Hello amazing hackers, I came up with another cool blog based on enumeration. So without wasting any... 2022-2-10 00:53:48 | 阅读: 33 | 收藏 | infosecwriteups.com hypertext amazing

Google Dorks -TryHackme Art of finding juicy informationWelcome back amazing hackers, we are going to see about google dorks... 2022-2-10 00:50:5 | 阅读: 22 | 收藏 | infosecwriteups.com ans sitemap robots ablog dont

Registrations Open for IWCON 2022 — the Online International Cybersecurity Conference Book your seats today!We at Infosec Writeups are organizing IWCon 2022 — our first international cyb... 2022-2-8 18:21:14 | 阅读: 29 | 收藏 | infosecwriteups.com iwcon writeups security sponsor

Content Discovery TryHackme Hi, amazing fellow hackers, I produced an interesting topic web content discovery. It is useful in b... 2022-2-4 14:20:43 | 阅读: 121 | 收藏 | infosecwriteups.com ans machine buckets wordlists seclists

Vulnerability Capstone — Tryhackme Vulnerability ResearchingWelcome back Fello hackers in this blog we are gonna see vulnerability caps... 2022-2-3 00:33:15 | 阅读: 215 | 收藏 | infosecwriteups.com walkthrough fuel machine download

How I Made +$16,500 Hacking CDN Caching Servers — Part 3 @bxmbnBounty: 3,000I didn’t know this was a thing, until i saw @iustinBB ’s a blog about their resea... 2022-2-3 00:31:3 | 阅读: 45 | 收藏 | infosecwriteups.com 301 poisoning attacker awarded

How I Made +$16,500 Hacking CDN Caching Servers — Part 2 Bounty: $2,000While Google Dorking, i found a particular URL, but this time, was not being cached, b... 2022-2-3 00:30:55 | 阅读: 22 | 收藏 | infosecwriteups.com globalthis ert cookiename poisoned hopefully

How I Made $16,500+ By Hacking Caching Servers — Part 1 Bounty: $6,300This was actually my first Cache Poisoning, I initially reported it as a cache Decepti... 2022-2-3 00:30:16 | 阅读: 22 | 收藏 | infosecwriteups.com triaged xsshunter poisoning atob

Check Out the Speakers for IWCON 2022 Register today to be a part of the coolest Cybersecurity conference of 2022!We at Infosec Writeups a... 2022-2-1 20:28:51 | 阅读: 15 | 收藏 | infosecwriteups.com iwcon writeups ist founder

How I exposed the teacher’s Aadhaar card, bank details on the college website. Hey fellow hackers and Bug hunters,After the long gap between me and Bug hunting, I am back with a w... 2022-2-1 14:27:23 | 阅读: 27 | 收藏 | infosecwriteups.com client college usual webpage textbox

Paytm-Broken Link Hijacking Hello Everyone….Lohith Here, (Sr.Security Engineer & Ethical Hacker from Bengaluru). ‎‎‎‎‎I hope you... 2022-2-1 14:22:52 | 阅读: 35 | 收藏 | infosecwriteups.com paytm security redirected facebook forgot

The Story of an RCE on a Java Web Application It was about two months ago (November 2021) I was invited to a private program. According to their p... 2022-2-1 14:19:37 | 阅读: 33 | 收藏 | infosecwriteups.com payload burp gave serialized python

Hack into Skynet —  Real World CTF (2022) walkthrough <Online Jeopardy>Hello hackers ッ✋✋,In this writeup, I’m sharing one of the potential methods to pwn... 2022-1-25 19:1:43 | 阅读: 43 | 收藏 | infosecwriteups.com username flask bypass attachment 403

Attacks on JSON Web Token (JWT) In part1 of the article, I introduced JSON web tokens that what is JWT and How they are made? I pref... 2022-1-25 18:59:54 | 阅读: 46 | 收藏 | infosecwriteups.com hs256 payload isadmin rs256 validated

How I was able to find multiple vulnerabilities of a Symfony Web Framework web application Found high severity vulnerability in 5 minutes just from reconnaissance. Found multiple vulnerabilit... 2022-1-25 18:58:15 | 阅读: 91 | 收藏 | infosecwriteups.com symfony profiler php developers subdomain

Simple CTF- TryHackme CTFWelcome amazing hackers I came up with another cool article which is Tryhackme simple CTF writeup... 2022-1-25 16:7:41 | 阅读: 20 | 收藏 | infosecwriteups.com gobuster ctfwelcome salt cracking ssh

How I could have read your confidential bug reports by simple mail? Source: InternetHey Everyone, Hope you’re doing safe and sound.I have recently found a bug in the Mi... 2022-1-25 15:53:20 | 阅读: 17 | 收藏 | infosecwriteups.com microsoft attacker vuln listened 010001