Pentest_Testing_CorpforVulnerabilities in Laravelsql-injection-prevention-in-laravel.hashnode.dev·Nov 19, 2024Prevent XSS Attacks in Laravel: Best Practices & ExamplesCross-Site Scripting (XSS) is one of the most prevalent vulnerabilities affecting web applications. Attackers inject malicious scripts into your website, compromising the user experience and potentially stealing sensitive data. As Laravel developers,...Discuss#cybersecurity
meydimeydi.hashnode.dev·Nov 12, 2024Master of XSS WAF Bypass - Part 1Hello, I'm Meydi. I have been working in bug bounty for a year and a half, and over the past year, my main focus has been on client-side bugs and I have earned more than $25k in bounties through XSS In this part, my focus is on situations where you c...Discuss·34 likes·511 readswafbypassVery Good Writeup 21
Bhuwan BhetwalforBhuwan Bhetwal's HandBookblog.bhuwanbhetwal.com.np·Nov 8, 2024CSRF + POST Body Param Reflection = POST-Based XSS (A BrainFuck)Hello again, This blog explains how i chained a CSRF and XSS on a POST request. So, lets get straight into it. One day i was hunting on a private program and i could see most of hacker’s were reporting CSRF. Almost 5 reports out of 10 were them. Lo...Discuss·525 readsXSS
Bhuwan BhetwalforBhuwan Bhetwal's HandBookblog.bhuwanbhetwal.com.np·Nov 7, 2024Breaking In: How RXSS and SQLi Can Lead to Full Account Takeover and Database AccessThese vulnerabilities were Identified on one of the YesWeHack’s Private Program. I was hunting late night when i received an invitation from one of the Private Program. As they Were Interested on critical reports. I was looking for SQLi, Command Exec...Discuss·2 likes·814 readsSQL
Bhuwan BhetwalforBhuwan Bhetwal's HandBookblog.bhuwanbhetwal.com.np·Nov 7, 2024Adding Knoxnl (KNOXSS) to BurpOpen Burp > Extensions Install Piper Go to Piper > Context menu items Click on Add Button and Enter Name as “knoxnl” In the Add menu item dialog box, enter the Name as knoxnl and change the Can handle... drop down to HTTP requests only. Change b...Discuss·58 readsKnoxnl
Prashanth Bodepu0xpb.hashnode.dev·Nov 5, 2024Leek NFT challenge#0223 — IntigritiChallenge Overview Challenge Link: https://challenge-0223.intigriti.io/ Challenge By: @x64pr0fessor This challenge demonstrates a potential Cross-Site Scripting (XSS) vulnerability by allowing image uploads with unvalidated metadata, which an att...Discussmonthlychallenge
Kuldeep YadavforBreachForcebreachforce.net·Oct 17, 2024Secure Your Node.js Applications: Top 10 Critical Vulnerabilities to Identify and Prevent Major ThreatsHave you ever had one of those moments when you feel confident about the code you’ve written — until a VAPT (Vulnerability Assessment and Penetration Testing) team reviews it? Suddenly you’re faced with a sea of red flags and dire warnings. Words lik...Discuss·110 readsNode.js
Ashari Muhammad Hisbullohblog.iamashari.me·Oct 2, 2024Frontend Security 101: Saving You from XSS Attack (still)Setelah di postingan sebelumnya kita sudah membahas XSS dan salah satu cara kita menanggulangi serangan XSS yaitu dengan menggunakan Content Security Policy (CSP), pada kesempatan kali ini saya mau melengkapi pembahasan saya terkait XSS dan mungkin h...DiscussFrontend Security 101Frontend Development
Adnan HashmiforMiddleware - Be Productive, Not Busy!middlewarehq.com·Aug 27, 2024Exploits Ep-2: Exploiting XSS to Become Someone Else OnlineDisclaimer: The techniques described in this blog are for educational purposes only. We're here to learn, not to cause chaos. Any resemblance to actual hacks, past or present, is purely coincidental. Please don't try this at home, or work, or anywher...Discuss#cybersecurity
Harshal ShahforHarshal_Shah' Blogdelvingwithharshal.hashnode.dev·Aug 21, 2024Understanding Cross-Site Scripting (XSS) Attacks: What You Need to KnowCross-Site Scripting (XSS) is one of the most common and dangerous security vulnerabilities affecting web applications today. Despite being well-known, XSS continues to be a significant threat, impacting websites and users across the globe. In this b...DiscussFortify and Defend: Navigating the Cybersecurity Landscapewebsecurity