Sitemap
Pages
- Pentest Service Feedback
- Compliance Service Feedback
- Home Page
- Compliance
- Penetration Tests
- Security Audits
- Services
- Blog
- Careers
- About
- Customers
- Terms of Use
- Contact Us
- Privacy Policy
- Recruiter Interview Meeting
- Granting External Access to a Private Git Repository in GitHub
- Overview Meeting
- Support
- Sales Feedback
Posts
Posts by category
- Articles
- Blog
- PHP Type Juggling Vulnerability
- Blind XSS to Complete Account Takeover
- Firebase Authentication Misconfiguration
- Single Packet Attack: Race Condition
- Subdomain Takeover Attack
- Account Takeover via JWT Misconfiguration
- Account Takeover via OTP Mechanism
- LLM Prompt Injection
- Breaking Application Logic with Negative User Input
- Exploiting Android Architecture
- File Upload RCE Exploitation: Upload Mechanism
- HTTP Security Headers
- Insecure Randomness
- Cracking JWT Vulnerabilities
- Bypassing Content-Security-Policy (CSP)
- Top 10 Node.js Security Best Practices
- Exploiting OpenID for Account Takeover
- Firebase Realtime Database Misconfigurations
- ReDoS Attacks
- Web Cache Poisoning & Deception
- How We Exploited Auth0 Misconfigurations
- RCE via Dependency Confusion Attack
- GraphQL Common Attack Vectors
- SSRF with DNS Rebinding
- SOP vs CORS
- AWS Cognito Misconfigurations
- WebSocket Misconfigurations
- NoSQL Injection
- JSON Injection
- Burp Extension: Authentication Token Obtain and Replace (ATOR)
- How We Bypassed File Upload Restrictions
- Privilege Escalation: Unauthenticated User to Admin
- How We Were Able to Access User Personal Data
- How We Were Able to Fetch Internal Server Resources