BugCrowd hosted a LevelUp0x07 CTF in August 2020, a web and Android-based capture the flag challenge to actively exploit the web and mobile applications and collect all the flags. Each…
Oouch is a Hard Linux box from HackTheBox which basically consists of exploiting OAuth without any CSRF token validation, then stealing a cookie via CSRF (Cross-Site Request Forgery) where the URL is fetched in contact admin…
Before we begin with JSON CSRF, we need to nail down the fundamentals of traditional CSRF and JSON-based CSRF. What is CSRF? CSRF is a Cross-Site Request Forgery vulnerability which can be used to force…
Summary: Sauna is an Easy machine from HackTheBox which is based on Active Directory. We will use various tools for exploitation, such as the Python collection Impacket and Evil WinRM. The initial foothold of this…