Tag: injection owasp top 10

The best hacking books for ethical hackers

December 29, 2021 by thehackerish

Hello Ethical Hackers! Today I share with you the best hacking books I enjoyed reading since the beginning of my career in Information Security! I will constantly update the list as I read more, but you already have enough hacking books to get you started in the information security industry. It also contains some advanced …

Continue Reading
Account takeover: From zero to System Admin

April 22, 2021 by thehackerish

Hello ethical hackers! Today I share with you an account takeover I achieved during a recent penetration test of a web application. For those who don’t know what an account takeover is, there is a dedicated section for that. From there, I will explain how I enumerated all the endpoints. Then, I will walk …

Continue Reading

OSCP Certification: All you need to know

April 22, 2021 by thehackerish

Hello ethical hackers! In this episode, you will learn everything related to OSCP certification. What is OSCP? Why is it a strong certification? What sets it apart? What are the requirements? How to properly prepare for the exam? What to do the day of the exam? And what’s next once you earn your OSCP certification? …

Continue Reading

OWASP Top 10 vulnerabilities: Injection explained

April 22, 2021 by thehackerish

Hello and welcome to this OWASP Top 10 vulnerabilities course. Today’s blog post is about Injection. By the end of this post, you will have understood the following points: What is OWASP Top 10 Injection? Why is Injection at the top of the OWASP Top 10 vulnerabilities? What is the difference between error and blind-based …

Continue Reading

IDOR explained – OWASP Top 10 vulnerabilities

April 22, 2021 by thehackerish

Hello ethical hackers and welcome to this new episode of the OWASP Top 10 vulnerabilities series. In this blog post, you will learn all aspects of the IDOR vulnerability. You will start with the basics and gradually build your knowledge. When you finish reading this article, you will have a solid understanding of IDOR. Besides, …

Continue Reading
IDOR tutorial hands-on – OWASP Top 10 training

April 22, 2021 by thehackerish

Hello ethical hackers and welcome again to this OWASP Top 10 training series. In this hands-on IDOR tutorial, you will practice what you’ve learned about the IDOR vulnerability we explored earlier. Specifically, you will leverage IDOR to: Access other users’ data using simple IDs and UUIDs Impersonate other users Hunt for hard IDs Delete other …

Continue Reading

XXE explained – OWASP Top 10 vulnerabilities

April 22, 2021 by thehackerish

Welcome to this new episode of the OWASP Top 10 vulnerabilities series. Today, you will learn everything related to XXE. This blog post will explain the theory with some examples. By the end, you will be ready to tackle XXE in practice. Don’t forget to subscribe to the Friday newsletter to kickstart your Some key XXE …

Continue Reading
XXE tutorial in practice – OWASP Top 10 training

April 22, 2021 by thehackerish

Hello and welcome to this OWASP Top 10 training series. Today, you will practice XXE injection on OWASP WebGoat. By the end of this XXE tutorial, you will achieve the following goals: Exploit XXE to Read internal files from the vulnerable server. Pivot from XXE to SSRF Exploit a Blind XXE Perform the Billion laughs …

Continue Reading
Sensitive Data Exposure tutorial – OWASP Top 10 training

April 22, 2021 by thehackerish

Hello and welcome to this new episode of the OWASP Top 10 training series. In this Sensitive Data Exposure tutorial, you will practice your skills on three challenges. If you have no idea about this vulnerability, I invite you to read this blog post which explains Sensitive Data Exposure in detail. Make sure to subscribe …

Continue Reading

Sensitive Data Exposure explained – OWASP Top 10

April 22, 2021 by thehackerish

Welcome to this new episode of the OWASP Top 10 vulnerabilities series. Today, you’ll learn about the OWASP Sensitive data exposure vulnerability. If you already know the theory behind this vulnerability, you can practice on this tutorial. The agenda will cover the following: Define what is sensitive data exposure Explain Sensitive data exposure types Show …

Continue Reading
