In this post, I would like to share some information on the Insecure Direct Object Reference (IDOR) vulnerability. What is IDOR Vulnerability? For those who are not familiar with IDOR vulnerability, it’s an attack type that accesses control vulnerability that is executed when the application is […]
What is Server-Side Template Injection? An attack that allows the attacker to use the native template syntax to inject a few malicious payloads into the template is been called Server-side template injection or also known as SSTI. Normally, the attacks will work when the attacker makes […]
In this post, I would like to share some challenges on a basic level of Local File Inclusion(LFI) attack on the TryHackMe. For those are not familiar with LFI attack, it’s a method which the attacker to trick the web application to expose any information within […]
What is Lateral Movement attack? For those are not familiar with Lateral Movement attack, it normally an attack that related to cyberattack techniques that used whenever they successfully gain initial access in order to go deeper within the network. The main purpose to look into any […]