ManieshNeupaneJul 5, 20224 min readIDOR VulnerabilityIDOR - Background Info ; Website.com/view_user_info?user_id=1 In its simplest and most common form, an IDOR vulnerability arises when the...
ManieshNeupaneJul 3, 20225 min readWays to get hacked ! And Preventive measures /What we are going to see is a list of all the techniques possible to hack someone’s account and their respective prevention techniques....
ManieshNeupaneJun 29, 20223 min readRecon Methodology !This tool can be used in addition to your usual approach for Penetration testing . The idea is to quickly check and gather information...
ManieshNeupaneJun 29, 20225 min readWAF stands for Web Application Firewall.You already know that your network firewalls are there to protect your network from outside threats, in particular. However, you cannot...
ManieshNeupaneJun 9, 20224 min readCYBER SECURITY THREATS YOU MUST KNOWIn this technological world, there are lot of chances to fall prey for cyberattacks. So, it is more important to create awareness to...
ManieshNeupaneMay 6, 20223 min readPenetration-SQL Injection (SQLi)GET-Based-SQL-Injection-Exploitation: To find an SQLi on target you need to first find a vulnerable parameter to break out of the...
ManieshNeupaneApr 7, 20227 min readAttacking Authentication in Modern Web Applications.What is Authentication? Familiar with those login pages where you put your emails and passwords and after successful entry you get logged...
ManieshNeupaneApr 5, 20222 min readFirewall 🔥What Is Firewall A firewall is a network security device that monitors incoming and outgoing network traffic and permits or blocks data...
ManieshNeupaneApr 4, 20222 min readMethods to bypass 2FA .What is 2 FA ? 2FA stands for 2-factor authentication. It is used as an additional layer of security for user accounts. This simply means...
ManieshNeupaneFeb 28, 20221 min readSome Web Application Penetration Testing & Bug Bounty Notes🔰.Phase 1 – History Phase 2 – Web and Server Technology Phase 3 – Setting Up The Lab With BurpSuite And bWAPP Phase 4 – Mapping The...
ManieshNeupaneFeb 12, 20222 min readGihub Dorking Methodology for bug bounty !SECRET GITHUB DORKING METHODOLOGY 🤫 1. When you go to do Github Dorking, what is the first thing you do? ==> You find your target's...
ManieshNeupaneFeb 9, 20221 min readSQL InjectionLogin function module: User Authentication . Input: User id and Password SQL: select * from admin where user_id = 'admin' and...
ManieshNeupaneJan 31, 20221 min readThe following commands can be used to get the information from the database:1: http://www.xyz.com/shell.php?id=10’ — + : — +, — -, # etc are Balance Query. The main page should be back after inputting this. 2:...
ManieshNeupaneJan 30, 20227 min readDNS leakLet us assume that you are using an anonymity or privacy service... It is extremely important for you that all the traffic that is...
ManieshNeupaneOct 10, 20213 min readHow to hunt for A01 : 2021- Broken Access Control {IDORS}What are Access Control Vulnerabilities? Access controls are designed to prevent users from acting outside their intended permissions,...
ManieshNeupaneSep 4, 20214 min readScope based reconReconnaissance (aka Recon) is an essential process in pentesting, especially Black Box Pentesting, where you don't have specifics about...
