Hi all, it’s been two months without any update on the blog. Uff!! Job, personal projects, eWPTX, all ate up my time. Because of many requests from my friends and well-wishers, I am writing this post to share my journey in
In the last post, I presented how XSS is not all about ‘alerting’ the victim, but rather a serious attack on the victim leveraging the vulnerable website. This post will have demos on how to enumerate the victim’s private IP, ping
Cross Site Scripting (XSS) is one of the most commonly found vulnerabilities in websites. Attackers use such vulnerable websites to inject scripts into the user’s browser context to perform malicious activities such as cookie grabbing, phishing, etc. This post is an attempt
All programming languages have certain dangerous functions that present a very serious security threat when client-side input is passed to them directly without proper sanitization. For example: open() in Perl, subprocess.call() in Python. One such dangerous function is eval() in
Thanks for visiting here and it feels good to share my journey towards being OSCP certified.
I will write my OSCP adventure based on the questions I received when I shared my OSCP result mail with others.