Burp Suite offers multiple extensions to ease testing via automation.The Co2 extension has its own configuration tab with sub-tabs for each Co2 module. …

Wondering what is this kind of attack. Go through the amazing writeup of this bug discovered by Alex Birsan Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies The Story of a Novel Supply Chain Attackmedium.com And for your understanding in simple and common language you can browse the below link . https://0xsapra.github.io/website//Exploiting-Dependency-Confusion

Hi Friends, I am sharing my notes which I jotted down for my reference, excuse me if I made any mistakes and my english

BloodHound is an application used to visualize active directory environments. The front-end is built on electron and the back-end is a Neo4j database, the data leveraged is pulled from a series of data collectors also referred to as ingestors which come in PowerShell and C# flavours. It identifies different attack…

Inside thoughts 1) Becoming successful is not earning money, share your knowledge and become successful. 2)Never forget you roots wherever you are 3) Good person will not criticise or never underestimate other person. 4)Don’t thrive only for your success also help your friends too. 5) Don’t run behind money, you will not take a single penny when your time comes. 6) You should not boast yourself, it should come from others. If you do good deeds then your name will go through Word-of-mouth.

https://tryhackme.com/room/django it’s a free room First of all understand the basics how to add ALLOWED_HOSTS in seetings.py and read all the introduction of this room to understand how the app works After completion of reading the introduction , creating a website and concluding , now deploy the server Connect to…

This is the bug I have found in some vdp program and they really don’t have time to reply back i guess so posting the vulnerability details will be useful. First if you are taking any target keep in mind that you have to content discovery, you can use tools…

Vulnerability Category: A7- Cross-site Scripting Vulnerability Description: A Stored Cross-Site Scripting (XSS) vulnerability occurs when a web application sends stored strings that were provided by an attacker to a victim’s browser in such a way that the browser executes part of the string as code. The string contains malicious data…

Vulnerability Category: A3-Sensitive Data Exposure Vulnerability Description: When a user uploads an image to the application , the uploaded image’s EXIF Geolocation Data does not gets stripped. …