Le Minh Nguyen · 0xdinot6121.hashnode.dev · Aug 18, 2023 · Simple, just enter URL, we will do all the things... · Target: http://139.180.214.198:8080/ Let's check the website to see what's there. You simply enter a URL and the site does something with it. Find a link to an image and see whether anything interesting happens. Try checking this link: https://encrypted-tbn0.gstatic.com/i... · command injection
Rafael da Costa Santos · rafa.hashnode.dev · Aug 17, 2023 · InfluxDB NoSQL Injection · In this post, I'll share my experience of discovering a NoSQL Injection vulnerability in a Bug Bounty program in a non-popular database within the hacking community. During the initial discovery, I was expecting to find a good blog post or tool teach... · 98 reads · InfluxDB
Cxnsxle · cxnsxle.hashnode.dev · Jul 26, 2023 · SSRF Vulnerability · What is SSRF? Server-side request forgery (SSRF) is a web security vulnerability that allows us as attackers to induce the server-side application to make requests to an unintended location. In a typical SSRF attack, the attacker might cause the serv... · 1 like · ssrf
Samir Ranjan Parhi · ls-lrt.com · Jul 22, 2023 · Understanding Server-Side Request Forgery (SSRF) · Introduction: In today's interconnected world, web applications rely on various external services to provide dynamic content and functionality. However, this dependence on external resources can also create security vulnerabilities, one of which is S... · 80 reads · ssrf
The Chief - Omar · chiefomar.hashnode.dev · Mar 22, 2023 · Bringing Life to The Laptop: Kali Linux Setup · Bismillah Greetings again, chiefomar here. So yesterday and today were a bit interesting; First Day of Sc..o(de): Decisions Yesterday I had a great time installing Kali Linux onto my computer and choosing between Junior pen-testing and Junior SOC an... · 49 reads · penetration testing
Mike Elissen · blog.securitylevelup.eu · Mar 9, 2023 · Your APIs are enabling Server-Side Request Forgery (SSRF) attacks · As a security consultant who has worked closely with developers in the boom of API microservices development, I've seen firsthand how APIs can inadvertently expose organizations to the risk of Server-Side Request Forgery (SSRF) attacks. These types o... · 10 likes · 192 reads · ssrf
Stackzero · stackzero.hashnode.dev · Feb 18, 2023 · Introduction to SSRF Exploitation: A Practical Tutorial for Ethical Hackers · This article was originally published at https://stackzero.net/ssrf-introduction/ Server-side request forgery (SSRF) is a type of web application vulnerability that allows an attacker to send a crafted request from a vulnerable web application to an ... · 49 reads · hacking
Natan · blog.triplen.tech · Dec 1, 2022 · Boosting Blind SSRF Attacks Using DNS Rebinding · \x00 - TLDR; DNS Rebinding is a great technique to level up blind SSRF attacks. In this article I go step by step on what is a DNS Rebinding Attack, how to configure your own server, exploit a demo app, and what to do in case the browser ignores the ... · 394 reads · appsec
Dipak kumar Das · blog.d1pakda5.com · Aug 16, 2022 · How I Found SSRF In Choreo's REST API Proxy · So one night I was looking for some external bug bounty programs. Then I found WSO2 Security Reward and Acknowledgement Program. Within the scope of the program was a product called Choreo. So Choreo is a digital innovation platform that allows you... · 1 like · 382 reads · bugbounty