PinnedHacking the Giant: XSS on GoogleHello everyone, today I will share how I’ve found bug in Google. I mainly do WebApp & Cloud vulnerability research (more focused on cloud)…Mar 27, 20245Mar 27, 20245
A Thrilling Dive into Cloud Penetration TestingHello everyone, Today I am back with Cloud Penetration learning resources which I have followed to learn. By following which you can also…May 7, 2024May 7, 2024
Become a Bug Bounty hunter: Unveiling the Secrets to Success!This guide from me is for beginners and also those who are already struggling in bug hunting. Follow this roadmap of mine and you will get…May 2, 20245May 2, 20245
Unveiling Strategies to Identify Potentially Sensitive Data Stored by iOS ApplicationsOverviewApr 27, 2024Apr 27, 2024
Exploring IAM for Effective GCP Pentesting (comprehensive guide)To Conduct through a GCP pentest comprehensive understanding of identity and access management (IAM) is crucial. So, let’s begin delving…Apr 21, 2024Apr 21, 2024
Unveiling all techniques to find IDOR’S in web applicationsHere I explain in depth where a pentester and bug hunter can find bugs: Indetifying IDOR’S in URL Parameters & APIs , IDOR Enumeration …Mar 28, 2024Mar 28, 2024
Attacking XSLT in Web ApplicationsExtensible Stylesheet Language Transformations (XSLT) is an XML-based language usually used when transforming XML documents into HTML…Mar 23, 2024Mar 23, 2024
SSTI Exploitation Part III In Web Applications (with exploitation example)Once again, our focus will be on identifying if the application is vulnerable to Server-Side Template Injection.Mar 23, 20241Mar 23, 20241
SSTI Exploitation Part II In Web Applications (with exploitation example)we are tasked with pentesting yet another internet-facing application. Our focus will be on identifying if the application is vulnerable to…Mar 23, 2024Mar 23, 2024
SSTI Injections Identification During Pentesting Web Applications (with exploitation example)Let’s understand what is Template Engines First?Mar 23, 2024Mar 23, 2024
