Introduction

Hello All

Welcome to Practical Demonstration of Web Application Hacking. Here we are going to learn about various web vulnerabilities, how to hunt them on a target and how to exploit them.

Before we begin to hunt, we should choose a target that is in scope. Here we are going to choose as our target the OWASP (Open Web Application Security Project) Juice Shop Project, which is an insecure web application.

When we hunt, it’s important to look at every target in its own right. We are going to look at the OWASP Juice Shop. In this demonstration you…


What is it

IDOR: Insecure Direct Object Reference

These types of vulnerabilities arise from access control issues. We will devote another entire chapter to those types of vulnerabilities. The term IDOR was made popular by appearing in the OWASP Top 10, but in reality it’s simply another type of Broken Access Control issue. IDORs can manifest in both horizontal and vertical privilege escalation. To speak of an IDOR, the following conditions have to be met:

  • An object identifier exists in the request, either as a GET or POST parameter
  • A Broken Access Control issue has to exist allowing the user access to data…

Performance testing is not a simple subject and many leading experts still do not fully agree on the topic. How it’s used and how people misuse it has been a topic of debate for as long as computer systems have had to support multiple users. Not only is the performance of an application hard to measure, it’s even harder to predict, and it can even have an impact on penetration testing, as both (D)DoS attacks and performance testing attempt to emulate great volumes of users. …


Beginner

Nmap (Free)

https://nmap.org/book/man.html

Nmap is an AMAZING tool that is used for port scanning, but it can also do banner enumeration and run some scripts per open port; to do this we use -sV and -sC respectively. It’s important to know that Nmap will only scan the 1000 most used ports. If you want to scan all ports you need to use the -p- parameter, and if you want to scan UDP ports you need to use the -sU parameter.

Whatever you do, you need to know that nmap does an intrusive scan by default and if you use…


Understanding APIs and their weaknesses

https://www.youtube.com/watch?v=eiZ_hW6ERWM&ab_channel=TheXSSrat

Application Programming Interfaces (APIs) are quickly becoming a point of concern amongst cybersecurity professionals. As organizations continue to expand their interoperability and coordination with each other, and as companies make the move to the cloud, APIs are playing a greater role in how the modern internet functions.

As cybersecurity professionals, it’s important to intimately understand how attackers can target APIs, both from a red team and bug bounty perspective. As we take a look at how to target APIs, first, it’s important to know and understand what APIs are and the differences between their types and architectures.

API Overview

APIs allow…


Introduction

Whenever I am on a pentest, there are always several ways I approach my target. Please note how I mentioned pentesting and not bug bounties, as those are two totally different beasts. Pentesting makes it a lot easier in my opinion to find vulnerabilities, but don’t let that discourage you from doing bug bounty hunting, because while it might be true that pentesters find more issues, a lot of them are low priority or have less impact, and as if that was not enough, even a pentester needs to be pretty complete.

Recon

Recon recon recon, I can’t stress enough how important…


Introduction

In this article I will be going over Broken Access Control (BAC), which also includes IDOR. Some might see this as a separate issue type, but in reality IDORs are simply another form of BAC.

BAC is a beautiful issue type and I think it’s often overlooked in bug bounties, but you have to pick the right target of course! Your target needs at least:

  • To create accounts or give you accounts
  • Different privilege levels
  • Direct object references for IDORs (example userID=123)

Let’s start with IDORs

Insecure Direct Object Reference (IDOR)

What is it

IDOR: Insecure Direct Object Reference

These types of vulnerabilities arise from access control issues. We…


Introduction

Today we will continue our series on Resources to train an amazing hacker with the hacking part ❤

Beginner

Hackthissite (Free)

https://hackthissite.org/

Hackthissite is a free training website where they have challenges ranging from basic to advanced. I recommend that you give it a shot without any prior learning and see how far you can go. The first few challenges are always pretty easy and should be doable and if you get stuck, start looking up information about your problem. It’s really important that you learn to google a little bit.

Ethical Hacking Full Course — Learn Ethical Hacking in 10 Hours | Ethical Hacking Tutorial | Edureka (Free)

https://www.youtube.com/watch?v=dz7Ntp7KQGA&ab_channel=edureka!

This amazing free resource is a YouTube video that’s 10 hours…


Introduction

This vulnerability type is an easy trap to fall into. Companies need a domain and sometimes accounts at third-party providers such as payment service providers. None of these services are free, of course; they cost money, and companies will often opt to pay yearly for these services as they get a discount. However, if the payment details of the company change and they do not remember to update them, their automatic renewal will not continue. This is especially easy to forget on domains and accounts that are not often used.

What can also happen (and this happens…

Thexssrat

No b*llshit Hacking tutorials with extreme value in short bursts
