Tag

Tutorial

#tutorial

More content

Read more stories on Hashnode

Articles with this tag

Pwning a Server using Markdown

Feb 28, 20225 min read

Escalating a bug in a vulnerable markdown parser to exploit LFI and get RCE ยท Background Hashnode is a blogging platform for developers where you can...

Pwning a Server using Markdown

Exploiting OAuth: Journey to Account Takeover

Nov 19, 20215 min read

Most of the web and mobile applications these days use OAuth to secure their authorization endpoints. It allows them to easily grant access to their...

Exploiting OAuth: Journey to Account Takeover

A deep dive into Task Hijacking in Android

Apr 21, 20216 min read

Introduction Task Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their...

A deep dive into Task Hijacking in Android

Hacking a Chrome Extension for Fun and Profit

Apr 13, 20216 min read

Introduction Google chrome extensions are a bundle of multiple JavaScript, HTML, and CSS files, much like a web app but inside your browser and...

Hacking a Chrome Extension for Fun and Profit

One-click SSL-Pinning Bypass Setup

Oct 13, 20202 min read

Android app Pentests can become torturous when you don't have the right environment setup.This of course refers to the SSL-pinning that is implemented...

One-click SSL-Pinning Bypass Setup

Leveraging XSS to Read Internal Files

Oct 8, 20202 min read

Everybody is familiar with what an XSS is so fast-forwarding it a bit, this is a write-up on how I managed to get an XSS in a PDF generator on an...

Leveraging XSS to Read Internal Files