BloodHound is an application used to visualize active directory environments. The front-end is built on electron and the back-end is a Neo4j database, the data leveraged is pulled from a series of data collectors also referred to as ingestors which come in PowerShell and C# flavours. It identifies different attack…

Inside thoughts 1) Becoming successful is not earning money, share your knowledge and become successful. 2)Never forget you roots wherever you are 3) Good person will not criticise or never underestimate other person. 4)Don’t thrive only for your success also help your friends too. 5) Don’t run behind money, you will not take a single penny when your time comes. 6) You should not boast yourself, it should come from others. If you do good deeds then your name will go through Word-of-mouth.

https://tryhackme.com/room/django it’s a free room First of all understand the basics how to add ALLOWED_HOSTS in seetings.py and read all the introduction of this room to understand how the app works After completion of reading the introduction , creating a website and concluding , now deploy the server Connect to…

This is the bug I have found in some vdp program and they really don’t have time to reply back i guess so posting the vulnerability details will be useful. First if you are taking any target keep in mind that you have to content discovery, you can use tools…

Vulnerability Category: A7- Cross-site Scripting Vulnerability Description: A Stored Cross-Site Scripting (XSS) vulnerability occurs when a web application sends stored strings that were provided by an attacker to a victim’s browser in such a way that the browser executes part of the string as code. The string contains malicious data…

Vulnerability Category: A3-Sensitive Data Exposure Vulnerability Description: When a user uploads an image to the application , the uploaded image’s EXIF Geolocation Data does not gets stripped. …

Vulnerability Category: A3- Sensitive Data exposure Vulnerability Description: Sensitive data exposure vulnerabilities can occur when an application does not adequately protect sensitive information from being disclosed to attackers. …

Vulnerability Category: A6- Security Misconfiguration Vulnerability Description: The file paths can be revealed in the client-side source-code utilized by the application, as parameters passed within the application, or even as part of error messages. This information gives an attacker details about the operating system used by the server or developer…