Cyber Safety Zone in blog.cybersafetyzone.com · Chrome Extension Attacks on Freelancers: How to Stay Safe · 6d ago · 2 min read · Freelancers often install browser extensions to save time. From grammar tools to screenshot apps, Chrome extensions can make daily work easier—but they can also introduce hidden security risks. Many e
Promise in promise-security.hashnode.dev · Cracking HackThisSite Basics: My Beginner Web Hacking Journey · Apr 5 · 10 min read · LEVEL 1 Level 1 on HackThisSite is called “The Idiot Test”, and the page only shows a password box, a submit button, and a hint saying that if you have no idea what to do, you need to learn HTML. Inst
Jebitok in sharonjebitok.com · Biohazard (CTF Challenge - THM) · Apr 2 · 17 min read · Introduction Welcome to Biohazard room, a puzzle-style CTF. Collecting the item, solving the puzzle and escaping the nightmare is your top priority. Can you survive until the end? If you have any ques
Mokshan Basuru in mokshan.hashnode.dev · Bypassing safeMode: A Journey from JSONP to Stored XSS · Mar 26 · 4 min read · In modern web security, we often rely on client-side flags to toggle security features. But.... If attacker can reach into the global window object and flip those switches what happens? In this post, 
Shaishab Chandra Shil in shaishab316.hashnode.dev · CSRF token to protect cookies · Mar 15 · 4 min read · If you're storing session data or auth tokens in cookies, you're already one step ahead of localStorage. But cookies come with a well-known vulnerability — Cross-Site Request Forgery (CSRF). In this p
Jebitok in sharonjebitok.com · SQL Injection - CWE 89 (YesWeHack Dojo) · Mar 14 · 7 min read · Introduction SQL injection has been on the OWASP Top 10 for years — not because developers don't know about it, but because unsanitized user input keeps finding its way into database queries. CWE-89 (
Jebitok in sharonjebitok.com · SSTI (TryHackMe) · Mar 14 · 11 min read · Server-Side Template Injection (SSTI) is one of those vulnerabilities that looks deceptively simple on the surface but can escalate to full remote code execution faster than most people expect. In thi
Jebitok in sharonjebitok.com · Love Letter Locker (TryHackMe) - IDOR · Mar 5 · 6 min read · Love Letter Locker is a Valentine's-themed web application that allows users to create and store love letters. The challenge description hints at privacy concerns with "For your eyes only?" - suggest
Cyenetic Solutions Ltd in cyenetic.hashnode.dev · The no. 1 OWASP Web Security Risk in 2025-2026: How Broken Access Control Can Destroy Your Business & Revenue (And How to Stop It) · Feb 24 · 4 min read · As a Business Owner, you probably don't spend your days thinking about code vulnerabilities. You're focused on growth, customers, revenue, and staying ahead of competitors.
Feb 20 · 6 min read · TryHeartMe is an e-commerce/web exploitation Challenge that was part of the Love at First Breach 2026, red team beginner’s CTF. It covers JWT token manipulation using the "none" algorithm attack to by