Varkey Thomas · skinnyidiot.hashnode.dev · Jul 19, 2024
Brute-forcing and Enumeration
Intro: Enumeration is a process in cybersecurity through which detailed information can be gathered about a target. Username enumeration is essentially the process of discovering valid usernames within a system or a network. The information can be ga...
#enumeration

Abdellah Kamil · abdellahk.hashnode.dev · Jul 17, 2024
Elevating Application Security with Pixee
In the digital age, where software permeates every aspect of our lives, security is a cornerstone of software development. The Audit Management System (AMS), designed to streamline the auditing process for our company, Cooperative Bank of Oromia, audi...
pixee

Varkey Thomas · skinnyidiot.hashnode.dev · Jul 16, 2024
Horizontal to Vertical Privilege Escalation
Intro: This type of escalation is a combination of both horizontal and vertical privilege escalation. First, an attacker gains access to a standard account without any administrative privileges. After accessing the standard account, the attacker wi...
appsec

David Rocha · davidrocha.com.br · Jul 11, 2024
Tips for hardening web applications #1
Applications with the option for users to upload files, such as images, documents, PDFs, etc., represent a security risk for web applications. File uploads are often used to upload web shells to targets to obtain persistence (MITRE ATT&CK: T1505) and...
appsec

Jay Srinivasan · jay79.hashnode.dev · Jul 7, 2024
Interview Questions and Answers for Cyber Security Professionals
Dear Candidate, Nothing gives me more joy than seeing you succeed. It gives me joy when I see you being at ease expressing yourself without any fear when answering your accomplishments, showing your problem-solving skills, whiteboarding design skills. It...
appsec

Varkey Thomas · skinnyidiot.hashnode.dev · Jul 4, 2024
Access Control - Horizontal Privilege Escalation
An access control vulnerability occurs when a non-administrative user can see another user's personal information with similar privileges. An example would be a user gaining access to the records of another user. Horizontal privilege escalation attacks may ...
access control

Ben-Hur Santos Ott for Guia de AppSec :: Blog · blog.guiadeappsec.com.br · Jun 30, 2024
AppSec Newsletter 0034
Links: 🚨 ZAP | Polyfill.io Script Detection; Not The Hidden Wiki - The largest repository of links related to cybersecurity; PLORMBING YOUR DJANGO ORM; Kubernetes Cluster Security - Nuclei Templates v9.9.0; Cloud Commotion intends to cause chaos to ...
67 reads · appsec

Varkey Thomas · skinnyidiot.hashnode.dev · Jun 29, 2024
Parameter based Access Control
A parameter based access control is a type of access vulnerability in which an application determines the user's access right based on the parameter in the request. These are the: query parameters, request headers, cookie values. Such access...
appsec

Varkey Thomas · skinnyidiot.hashnode.dev · Jun 24, 2024
Access Control - Unprotected Functionality
Another but less reliable way of protecting a sensitive URL is by making it unique. This means making it hard to guess. An example is as below: Such a URL can be hard to predict. However, it can be found indirectly through any JavaScript code found ...
appsec

Varkey Thomas · skinnyidiot.hashnode.dev · Jun 24, 2024
Access Control - Privilege Escalation Lab
Access control of an application authorizes users to access specific resources based on their user type. In web applications, access control is dependent on the following: Authentication: confirms that the user is who they say they are; Session mana...
appsec