
Category: Hacking

Capture the flag writeup for the H1-2006 challenge

June 18, 2020 by thehackerish

Introduction: Hello ethical hackers! Today I will share with you my capture the flag writeup for H1-2006. It details my process of solving this awesome challenge organized by HackerOne. One of the objectives I have this year is to get invited into a live hacking event. In an attempt to achieve this, I accepted the …


Bug bounty tools from enumeration to reporting

June 12, 2020 by thehackerish

Hello ethical hacker and welcome to the world of hacking and bug bounty hunting. Today, you will learn the bug bounty tools I use when I hunt for vulnerabilities, from reconnaissance, to subdomain enumeration, to finding your first security vulnerabilities. Every craftsman has his toolbox and a bounty hunter is no different. However, it’s easy …


Hacking a Google Web Toolkit application

May 29, 2020 by thehackerish

Hello ethical hackers and bug bounty hunters! I’ve recently conducted a successful penetration test against a web application built using Google Web Toolkit, and I want to share with you the process I followed and the bugs I found. Hopefully, this episode will inspire you to try harder during your own bug bounty hunting and …


Bug bounty reports that stand out, how to write one?

May 7, 2020 by thehackerish

Hello dear ethical hackers and welcome to this new article about bug bounty hunting. If you’ve been following along from the beginning, you have hopefully found at least one bug by now. If that’s the case, then congratulations! Now it’s time to report that bug, right? Well, I have been working as a triage analyst …


My bug bounty methodology and how I approach a target

April 30, 2020 by thehackerish

Last time, I showed you the best resources I use to stay up to date in bug bounty hunting. Today, I will share with you my bug bounty methodology when I approach a target for the first time. This is going to be divided into several sections. First, I will show how I choose a …


The top 9 bug bounty resources to stay up to date

April 21, 2020 by thehackerish

In this episode, we will explore the best bug bounty resources and how you can properly use them to efficiently stay up to date. Some are robust resources provided by the bug bounty platforms and the community. Others are general websites which you can customize to fit your bug bounty needs.


Bug bounty burnout and your mental health

April 11, 2020 by thehackerish

Last time, we gained a bird’s eye view of the landscape of bug bounties. We concluded that they have many benefits, but can also lead to bug bounty burnout. Today, we explore what causes burnout and suggest ways to heal from it and preserve your mental health while still doing what you’re passionate about: Hacking! As …


OWASP Top 10: The Ultimate Guide

April 19, 2020 by thehackerish

If you are here, chances are that you want to learn web application security or the OWASP Top 10, but you don’t know where to start. Well, let me tell you that you came to the right place. I’m a penetration tester who enjoys breaking into my clients’ infrastructure and web applications. Besides, I train …


Insecure Deserialization explained with examples

July 5, 2020 by thehackerish

Hello ethical hackers and welcome to this new episode of the OWASP Top 10 vulnerabilities series. In this blog post, you will learn about the Insecure Deserialization vulnerability. The plan is as follows: Insecure deserialization definition: This is where you will learn the key terminologies and concepts behind this vulnerability. Examples of insecure deserialization in different programming languages: …


OWASP Security misconfiguration explained

February 24, 2020 by thehackerish

Hello dear readers and welcome to this new OWASP Top 10 vulnerabilities episode. Today’s article is about Security misconfiguration. You will learn about one of the most impactful vulnerabilities, which some bug bounty hunters specialize in. Yet, many security testers overlook it. We will explore the following points: Define Security misconfiguration: First, we need to start …
