19 followers
I write about web & api security here. Follow me to receive new articles about security.
A step-by-step guide on how I find security vulnerabilities that others miss · Making some weird API requests resulted in full user account takeovers,...
What is XSS? Simply we can say that XSS (Cross-site scripting) is a JavaScript code injection on web applications. Attackers use vulnerable web apps...
The challenge in this writeup is from Portswigger's web security academy lab. You can access it here for Free. The challenge We need to access the...
An easy-to-exploit SSRF vulnerability. · A story about my first SSRF finding on a bug bounty target web app, where I further exploited the SSRF bug into...
var and let These are two keywords used to declare variables in Javascript. Even though most beginners know these two keywords exist, we struggle with...
