Bypassing Promo Code Validation via Response Manipulation Enabled the Creation of a Business…
In the name of Allah, the Most Gracious, the Most Merciful, and peace and blessings be upon the Messenger of Allah
Nov 6, 2024

IDOR Vulnerability Allowed the Deletion of Any User from an Administrator Account.
In the name of Allah, the Most Gracious, the Most Merciful, and peace and blessings be upon the Messenger of Allah
Nov 6, 2024 · 3 responses

NoSQL Injection & Exploitation Techniques
What is NoSQL Injection?
Sep 24, 2024 · 1 response

My First Bounty: How I Exploited a CORS Misconfiguration
In the name of Allah, the Most Gracious, the Most Merciful, and peace and blessings be upon the Messenger of Allah
Sep 3, 2024 · 6 responses

Python — SSTI | Root Me Web Challenge
Hi everyone, in this write-up I’ll explain the solution to the Python — Server-side Template Injection Introduction challenge hosted on…
Mar 13, 2024

Arab Regional Cybersecurity CTF 2023 (Web Security & Machines)
We Stand with Palestine and don’t recognize a country called Israel.
Oct 22, 2023