Let's Explore the Content-Type Header Role in API Security — Understanding REST APIs Before diving into the specifics of the Content-Type header, let’s quickly recap what REST APIs are all about. REST is an architectural style for designing networked applications. It is based on a set of constraints that encourage the use of standardized HTTP methods like GET, POST, PUT, and DELETE for…

A smart way to hunt Cross-Site Scripting vulnerability — Introduction Cross-site scripting (XSS) vulnerabilities are among the most common security issues in web applications today. Exploiting an XSS vulnerability allows an attacker to inject malicious scripts into a trusted website, potentially compromising user data, session cookies, and even the entire application. To effectively hunt for XSS vulnerabilities, you need a…

Discover the ultimate guide for bug bounty hunters to detect sneaky OTP validation vulnerabilities! — Introduction: As the digital world expands, so does the importance of cybersecurity. One Time Passwords (OTP) have become increasingly popular in the realm of authentication. They are known for providing an extra layer of security, making it difficult for hackers to gain unauthorized access. However, if not properly implemented, OTP validation…

Never ever give a chance to leave a bug to automated scanners. — Introduction: In the world of penetration testing, it is crucial to employ the right tools and methodologies to uncover vulnerabilities in a system. However, blindly relying on security tools without considering certain factors can lead to false positive results, wasting valuable time and resources. One such factor that requires careful analysis…

Nginx reverse proxy with Basic Authentication — Introduction: Recently, I faced a challenge to deploy a docker web application with basic authentication. Instead of modifying the docker web application, I deployed the docker instance behind the Nginx reverse proxy with Basic Auth. So I want to share the process and challenges I faced in order to deploy the…

A special Bug-Bounty tip for Bug hunters and Pen-testers — If you already know about Broken Access Control weakness. Please skip explanation and go to the “Observation” section. What is Broken Access Control Broken Access Control is a type of weakness in the software program or application. If the system gives unauthorized access to a low privileged user then we can say that the system…

A better way to take control of your online privacy — Internet Privacy Day to day the technology is growing rapidly. In this technological world, we are becoming the products of giant companies. We are monitored by these giant companies while we are surfing the internet. Using our search content stats on multiple platforms and combined them with ML technology they are influencing…

Android application dynamic analysis lab setup on windows — To perform the android application penetration testing we need a rooted android device. But it is not always safe to root our personal devices. So, I came with a solution and you to analyze the android application without an actual device. In the below, I explain the whole process of…

A weird approach to escalate the Server-Side Request Forgery — Thanks for huge response to my previous write-ups. Recently I have participated in a private program and I found an OS command injection. In this write-up, want share my experience, approach and the challenge I faced during the exploitation. What is SSRF: SSRF stands for Server-Side Request Forgery. SSRF is a kind of…