123 articles
Complete review of Altered Security's CRTP certification: course content, Active Directory labs, hands-on exam, and my experience as a Certified Red Team Professional.
Detailed explanation of Cross-Origin Resource Sharing (CORS), its HTTP headers, functionality, and potential configuration vulnerabilities in web applications.
Learn how to exploit stored XSS vulnerabilities to steal session cookies and perform Session Hijacking in this PortSwigger lab.
Learn how to exploit stored DOM XSS vulnerabilities in the comments functionality and how to bypass JavaScript's replace() method.
Learn how to exploit a Reflected DOM XSS vulnerability in PortSwigger Lab. Step-by-step guide to identify and exploit an insecure script that processes reflected data in the DOM in a vulnerable way.
Learn how to perform Rogue AP attacks against WPA Enterprise networks using hostapd-wpe to capture user credentials.
Learn how to exploit a DOM XSS in AngularJS expressions in PortSwigger Lab. Step-by-step guide to execute JavaScript through Angular expressions when angle brackets and double quotes are HTML-encoded.
Complete guide to getting started in the bug bounty world, including platforms, tools, VPS, methodology, and tips for finding vulnerabilities.
Learn how to exploit DOM XSS in document.write by escaping from a select element and executing arbitrary JavaScript code.
If you like the content and want to support the project, you can buy me a coffee. Your support helps keep the site active and create more quality content.
Buy me a coffeeThanks for your support 🙏