Archives

2025

30 Jul A little something to get you started

2024

07 Nov Username enumeration via subtly different responses
07 Aug Source code disclosure via backup files
04 Jul Referer-based access control
03 Jul User ID controlled by request parameter with data leakage in redirect
04 Jun Hackland
04 Jun Remote code execution via web shell upload
02 Jun User ID controlled by request parameter
29 May SSRF attacks against other back-end systems
27 May 2FA simple bypass
24 May Username enumeration via different responses
24 May User Role Controlled By Request Parameter
16 May User ID controlled by request parameter, with unpredictable user IDs
15 May Unprotected admin functionality With unpredictable URL
14 May Unprotected admin functionality
16 Apr WebOsint
21 Feb OhSINT
18 Feb Simple Nmap Scripts
18 Feb Bash Scripting