Analysis of CVE-2024-54687
Vtiger CRM versions prior to 6.2 are vulnerable to stored XSS in the Documents module due to insufficient file upload validation and the…
Jan 7

Analysis of CVE-2024-56527
TCPDF is a widely-used PHP library for generating PDF documents.
Dec 27, 2024

Published in InfoSec Write-ups
Triple XSS in a Private Bug Bounty Program via a Hidden Parameter
Hi guys, recently I was hired by a company to conduct a private bug bounty on their platform and I managed to find an interesting XSS
Jul 30, 2024

Published in InfoSec Write-ups
Create a simple phishing website and a Javascript keylogger
Hi guys!
Aug 22, 2022

eCMAP exam review
The perfect certification to start your career as a malware analyst.
Jul 27, 2022

Published in InfoSec Write-ups
Hunting malwares with Yara
A beginner’s guide to one of the most widely used tools in the malware analysis industry.
Jul 10, 2022

Published in InfoSec Write-ups
Everything you need to know about clickjacking
A complete guide on how to exploit clickjacking and how to prevent it.
Feb 9, 2022

Tips and tricks to pass the eJPT
The ultimate guide to pass the most beginner-friendly infosec certification
Dec 29, 2021

Published in InfoSec Write-ups
How to bypass the credential manager in Windows
A method to escalate your privileges without knowing any password.
Jul 29, 2021

Published in InfoSec Write-ups
Understanding and exploiting HTTP for bug bounty
Whenever we open a browser and search something on the internet we make an HTTP request.
May 11, 2021