Website Source Code Analysis To AWS Account Takeover
Unveiling the risks of website source code analysis led to the discovery of AWS access/secret keys resulting in the takeover of an organization's AWS account.
Unveiling the risks of website source code analysis led to the discovery of AWS access/secret keys resulting in the takeover of an organization's AWS account.
Getting A+ grade in securityheaders.com for a static website using Cloudflare transform rules.
Exploring AWS Route 53 Vulnerabilities. Exploitation Techniques & Prevention Tips
Exploiting goDaddy service to affect thousands of domains with cross-site scripting vulnerability.
Bypassing file read restriction on an application to achieve Remote Code Execution.
MSSQL Injection in android application from JSON Request.
Blind cross-site scripting (XSS) refers to a type of code injection where an attacker inserts XSS payload in user input fields and...
While viewing our stream dashboard data from creator studio, there is an endpoint from where we can see our dashboard status. There is parameter called profile_id which can be misused to access dat...
XSS on Mdaemon webmail affecting versions < 20.0.0. Assigned CVE-2020-18723 and CVE-2020-18724
Authenticated Stored Cross Site Scripting (XSS) in OpenCart 3.0.3.2.