Hey Guys, So Another Concise Report about an SQLi I recently Found One day i was just going through some Twitter posts and saw one of my friend replied to a tweet about a Swag pack As Some of you guys already know How Attractive such Tweets are so i decided to Test the Site that give him […]
Hi Guys, Honestly i was just getting bored and the blog wasn’t updated ina while so i decided to write this (Will share some more recent issues in a few days 🙂 ) So i want this Write Up to be concise.. to Let’s Just say I was checking subdomains of a site and found a subdomain jenkins-thor.dosomething.org so By […]
So this year in March i was just testing different settings of my iPhone that was running the latest IOS that time it was IOS 11.2.6 and i came across a setting under Settings > Siri > WhatsApp>”Use With Siri” I turned it on and locked my iPhone just to see if i can use WhatsApp to send a Message […]
About 2 Months ago a friend gave me his wetransfer.com account to send a 15GB file to a friend as he was using WeTransfer Plus subscription that he bought for $120/year i’ve decided to test WeTransfer for any possible vulnerability that can result of me bypassing their payment system or getting a Plus subscription for completely free well for this […]
Just “XSS” it Hello to all my brothers and friends. First i would like to thank @knowledge_2014 (ak1t4 z3n) for his support and @IfrahIman_ (Ifrah Iman) for helping to write this article. My name is Emad Shanab from Egypt. I am a lawyer by occupation but I love to find bugs in websites as a hobby. “Every Law has its own […]
Hey Guys, Hope all of you guys are doing well, I’m an Active Bug Bounty participant, & also sometimes work as a Freelancer for some extra pocket money :p So I got a Project to test a site for possible security issues, while working on the Project i was able to bypass the file Upload functionality to Upload a shell […]
Hi All, So Last month i decided to test Uber for Fun & Profit, So while scanning for subdomains to target i found a subdomain “design.uber.com” While navigating to the subdomain it redirected me to another domain Owned By Uber That was https://www.uber.design/Â so The domain was new for me as i haven’t seen that before that domain is a static […]
What virtual hosts (or vhosts)? A single web server can be configured to run multiple websites at once, under different domain names. These are the virtual hosts (or vhosts) and they are usually found in shared hosting environments. Why you need to Enumerate? The host name discovery phase is an information gathering act to get a complete and detailed view […]
The POST explains What is Subdomain Hijack/takeover Vulnerability, What are the Impacts of the Vulnerability & How can You prevent such attacks, In addition to this I Tried my best to add the step by step guide about how to Identify & Exploit Vulnerable Subdomains Using 5 different services that includes, Amazon Cloudfront Heroku Desk.com Pantheon service Github Pages Hope […]
Hey guys! few Months a go i was  testing different sites for CORS (Cross Origin Resource Sharing ) issues so that i can see what actually it is as i took about a week to understand it  from different sources and blogs  so i found a website that was vulnerable and I tried to see what i can do with […]