Top 7 methods to find account takeover bugs in 2023
A step-by-step guide on how I find security vulnerabilities that others miss


Get started with Cross Site Scripting: A Simple Guide for Beginner-Level Devs

What is XSS? Simply put, XSS (cross-site scripting) is JavaScript code injection into web applications. Attackers use vulnerable web apps to inject malicious JavaScript code or a script. There are several types of XSS attacks. The risks of...

The challenge in this writeup is from PortSwigger's Web Security Academy lab. You can access it here for free. The challenge: We need to access the admin panel and delete the user called Carlos. We can only access the admin panel from the internal n...

An easy-to-exploit SSRF vulnerability.

var and let: These are two keywords used to declare variables in JavaScript. Even though most beginners know these two keywords exist, we struggle to find the difference between them. So let's look at the difference between these keywords. Declar...