Learning Series: How to detect vulnerabilities in the application
In this post, I would like to share my experience on how to detect some vulnerabilities within the application itself. A lot of people did ask me how I manage…
Learning Series: Server-side request forgery(SSRF) Attack
What is SSRF? For those who are not familiar with Server-side request forgery or also known as SSRF, it’s a vulnerability that resides within web applications that allow the threat…
Learning Series: Cloud Penetration Testing (AWS)
In the post, i would like to share some knowledge on Cloud Penetration Testing for learning purposes What is Cloud Penetration Testing? There are some Penetration Testing that has been…
Learning Series: API Penetration Testing
What is API Penetration Testing? For those who are not familiar with API Penetration Testing, it’s a test activity that involves all the processes of vulnerability assessment and ensures that…
Learning Series: Play around with Kerberos using the Impacket script
A little bit of explanation on Kerberos and Impacket In this post, I would like to share my knowledge and skills about the Kerberos which we will take advantage of…
Learning Series: IDOR Vulnerability explained
In this post, I would like to share some information on the Insecure Direct Object Reference (IDOR) vulnerability. What is IDOR Vulnerability? For those who are not familiar with IDOR…
Hack The Box: (Outdated Machine) Using WSUS attack
In the post, I would like to share some tricks that I learned such as using the WSUS Trick while playing with the Outdated Machine which the walkthrough over here…