Hi Information Security folk, I hope you liked my previous article that was on Application Programming Interface(API) Vulnerabilities. However, Today We’ll learn about a very popular vulnerability found on 10 December called Log4shell. Log4Shell (CVE-2021–44228) was a zero-day vulnerability discovered on the apache log4j framework, with the help of log4shell…

Hi Information Security folk, I hope you liked my previous article that was on Application Programming Interface(API) Vulnerabilities. However, Today We’ll learn about how many vulnerabilities were found in a very popular query language called Graphql. As We knew whenever new technology was found then new vulnerabilities were also arising…

Hi Information Security folk, I hope you liked my previous article that was on Cross-Origin-Resource-Sharing(CORS) Misconfiguration. However, Today We’ll learn about API vulnerabilities. But In this article, I’ll teach you basic stuff for API not deep because After completing Penetration-List. then I’ll start the API penetration testing articles series, I’ll…

Hi Information Security folk, I hope you liked my previous articles that were on HTML-Injection. However, Today We’ll learn about Cross-Origin-Resource-Sharing Misconfiguration, In which I’ll teach about this misconfiguration, How You’ll detect this vulnerable on the server, and How You’ll Easily write an exploit for this misconfiguration to retrieve Tokens…

Hi Information Security folk, I hope you like my previous article that was on Server-Side-Request-Forgery(SSRF). However, Today we’ll learn about HTML-INJECTION, Before We start firstly, I will introduce myself. So, I’m Aniket Tyagi and I’m an Information Technology officer at the 5f eco foundation of India, an Information Security Researcher…

Hi Information Security folk, I hope you like my previous article that was on CSRF(Cross-Side-Request-Forgery). Before We, go to the next topic, I would like to tell you something In the “penetration-List” Project, A new member was joined her name is “Sourav Chakraborty”. However, Today we’ll learn about Server-Side-Request-Forgery(SSRF). Firstly…

Hi Information Security folk, I hope you are well and doing great in your life, Before we go to the next step, You’ll need to learn about CSRF Vulnerability, therefore check our previous article on csrf, However, Today we’ll learn about CSRF-Bypass-Technique’s. Where I’ll teach You Some-Basic bypass techniques to…

Hi Information Security folk, I hope you are well and doing great in your life, Also I hope You liked my previous article about Command-Injection. However, Today we’ll learn about Client-Side-Request-Forgery(CSRF). Where I’ll teach You Basic knowledge about CSRF, Exploitation, Bypass, and Real World scenarios. However. Firstly, I will introduce…

Hi Information Security folk, I hope you liked the SQL-Injection Sample Series, Where You learned about SQL-Injection In-depth, However, In today’s article we’ll start learning about Command Injection also known as Remote Command Execution, not Remote Code Execution. Firstly, I will introduce myself. So, I’m Aniket Tyagi and I’m an…