gayatri r

385 Followers

Jun 15

Pentesting on ISO8583 protocol

Penetration testing, also referred to as pen testing or ethical hacking, is a process of evaluating the security of a computer system, network, or web application in order to identify vulnerabilities that could be exploited by an attacker. When it comes to ISO 8583, a standard for electronic transactions made…

Iso8583

3 min read


Oct 19, 2022

CO2 Plugin to automate SQL Injection

Burp Suite offers multiple extensions to ease testing via automation. The Co2 extension has its own configuration tab with sub-tabs for each Co2 module. …

8 min read


Jul 3, 2021

Dependency Confusion attack

Wondering what this kind of attack is? Go through the amazing writeup of this bug discovered by Alex Birsan: "Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies. The Story of a Novel Supply Chain Attack" (medium.com). And for an explanation in simple, common language, you can browse the link below: https://0xsapra.github.io/website//Exploiting-Dependency-Confusion

Bugbounty Poc

1 min read


Feb 9, 2021

Public Key Infrastructure Notes

Hi friends, I am sharing my notes, which I jotted down for my reference. Excuse me if I made any mistakes, and excuse my English.

Pki

1 min read


Oct 23, 2020

Setup BloodHound tool on Windows and enumerate Active Directory Objects

BloodHound is an application used to visualize Active Directory environments. The front-end is built on Electron and the back-end is a Neo4j database; the data is pulled from a series of data collectors, also referred to as ingestors, which come in PowerShell and C# flavours. It identifies different attack…

Cybersecurity

3 min read


Jun 21, 2020

Inside thoughts

1) Becoming successful is not earning money; share your knowledge and become successful.
2) Never forget your roots, wherever you are.
3) A good person will never criticise or underestimate another person.
4) Don’t strive only for your own success; help your friends too.
5) Don’t run behind money; you will not take a single penny when your time comes.
6) You should not boast about yourself; it should come from others. If you do good deeds, then your name will spread by word of mouth.

Feelings

1 min read


May 30, 2020

Django room in tryhackme

https://tryhackme.com/room/django (it’s a free room). First of all, understand the basics of how to add ALLOWED_HOSTS in settings.py, and read the whole introduction of this room to understand how the app works. After reading the introduction, creating a website and concluding, deploy the server. Connect to…

Tryhackme

1 min read


May 23, 2020

SharePoint Website Information Disclosure and can make it to RCE (unfortunately I couldn’t)

This is the bug I have found in some VDP program, and they really don’t have time to reply back, I guess, so posting the vulnerability details will be useful. First, if you are taking any target, keep in mind that you have to do content discovery; you can use tools…

Bug Bounty

2 min read


May 23, 2020

Stored Cross-Site Scripting (Non-Privileged User to Anyone)

Vulnerability Category: A7 - Cross-Site Scripting

Vulnerability Description: A Stored Cross-Site Scripting (XSS) vulnerability occurs when a web application sends stored strings that were provided by an attacker to a victim’s browser in such a way that the browser executes part of the string as code. The string contains malicious data…

Bugsbounty

2 min read


May 23, 2020

EXIF Geolocation Data Not Stripped From Uploaded Images

Vulnerability Category: A3 - Sensitive Data Exposure

Vulnerability Description: When a user uploads an image to the application, the uploaded image’s EXIF geolocation data does not get stripped. …

Bug Bounty

1 min read

Simple human being
