Bypassing Promo Code Validation via Response Manipulation Enabled the Creation of a Business….بِسْمِ اللَّهِ الرَّحْمَٰنِ الرَّحِيمِ، وَالصَّلَاةُ وَالسَّلَامُ عَلَىٰ رَسُولِ اللَّهِNov 6, 2024Nov 6, 2024
IDOR Vulnerability Allowed the Deletion of Any User from an Administrator Account..بِسْمِ اللَّهِ الرَّحْمَٰنِ الرَّحِيمِ، وَالصَّلَاةُ وَالسَّلَامُ عَلَىٰ رَسُولِ اللَّهِNov 6, 20243Nov 6, 20243
My First Bounty: How I Exploited a CORS Misconfiguration.بِسْمِ اللَّهِ الرَّحْمَٰنِ الرَّحِيمِ، وَالصَّلَاةُ وَالسَّلَامُ عَلَىٰ رَسُولِ اللَّهِSep 3, 20246Sep 3, 20246
Python — SSTI | Root Me Web ChallengeHi everyone, in this write-up I’ll explain the solution to the Python — Server-side Template Injection Introduction challenge hosted on…Mar 13, 2024Mar 13, 2024
Arab Regional Cybersecurity CTF 2023 (Web Security & Machines)We Stand with Palestine and don’t recognize a country called Israel.Oct 22, 2023Oct 22, 2023
