OSCP Prep: Lame HackTheBox
To start with, I first performed an Nmap scan on the host. I prefer aggressive scans for scanning, and below is the result of the scan.
Oct 2

How I Bypass JavaScript Validation to create user and Escalated to Privilege Escalation
Note: In this blog the website will be considered as target.com instead of the original website. The entire parameter name in the…
Jun 1, 2021

HTTP Parameter Pollution “How I found HTTP Parameter Pollution and lead it to stored XSS”-Part II
As discussed in the previous blog, I have successfully performed an HPP attack on the user, and now let’s see how I turned it into XSS via HPP.
Sep 23, 2020

HTTP Parameter Pollution “How I found HTTP Parameter Pollution and converted it to stored XSS”-Part…
Note: This blog is divided into two parts, where Part I will be about how I figured out that the application is vulnerable to HTTP Parameter…
Sep 23, 2020

Importance of Validation and Authentication in Applications (Mobile / Web)
NOTE: In the below scenario I will be considering myself as an attacker and will explain accordingly. Consider user1 is mapped on attacker’s…
Jun 11, 2020