Insecure Direct Object Reference (IDOR).
@Maniesh Neupane🇳🇵
IDOR - Background Info ; Website.com/view_user_info?user_id=1 In its simplest and most common form, an IDOR vulnerability arises when the...
What we are going to see is a list of all the techniques possible to hack someone’s account and their respective prevention techniques....
This tool can be used in addition to your usual approach for penetration testing. The idea is to quickly check and gather information...
You already know that your network firewalls are there to protect your network from outside threats, in particular. However, you cannot...
In this technological world, there are a lot of chances to fall prey to cyberattacks. So, it is more important to create awareness to...
GET-Based-SQL-Injection-Exploitation: To find an SQLi on target you need to first find a vulnerable parameter to break out of the...
What is Authentication? Familiar with those login pages where you put your emails and passwords and after successful entry you get logged...
What Is Firewall A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data...
What is 2FA? 2FA stands for 2-factor authentication. It is used as an additional layer of security for user accounts. This simply means...
Phase 1 – History Phase 2 – Web and Server Technology Phase 3 – Setting Up The Lab With BurpSuite And bWAPP Phase 4 – Mapping The...
SECRET GITHUB DORKING METHODOLOGY 🤫 1. When you go to do Github Dorking, what is the first thing you do? ==> You find your target's...
Login function module: User Authentication. Input: User id and Password SQL: select * from admin where user_id = 'admin' and...
1: http://www.xyz.com/shell.php?id=10' --+ : --+, -- -, # etc are Balance Query. The main page should be back after inputting this. 2:...
Let us assume that you are using an anonymity or privacy service... It is extremely important for you that all the traffic that is...
What are Access Control Vulnerabilities? Access controls are designed to prevent users from acting outside their intended permissions,...
Reconnaissance (aka Recon) is an essential process in pentesting, especially Black Box Pentesting, where you don't have specifics about...