CALL US

+91 9116117170

Author: Devashish Soni

New iPhone and Mac-book camera hack

By Devashish Soni 0 Comment April 4, 2020

If you are using iPhone, MacBook or Apple, here is a piece of alarming news for you Turns out that merely visiting a website — not just malicious one also the legitimate sites unknowingly loading malicious ads on them can give access to your device’s location, microphone, your camera, and in some cases, saved passwords […]

Rules of Bug Bounty

By Devashish Soni 0 Comment April 2, 2020

Targeting a Bug Bounty Program How long you target a program? “some hours or a night” if this is your answer Then That’s where you are doing everything wrong. Bug Hunting is Matter of Luck and Skill’s .Spending just a few hours on a program could be waste of time Because those bugs are mostly […]

Google Hacking For Penetration Testers

By Devashish Soni 0 Comment March 19, 2020

Google hacking or Google dorking is an advance google search technique for information gathering. These search queries can be used to gather information for arbitrary or individual targets, identify security vulnerabilities in web applications, discover files containing credentials and other sensitive data, discover error messages disclosing sensitive information Before we Begin: Before we start what […]

Abusing the AWS Metadata services using SSRF

By Devashish Soni 0 Comment March 5, 2020

What is AWS AWS stands for amazon web services. It is a platform that offers reliable, flexible, easy-to-use, cost-effective and scalable cloud computing solutions. What is SSRF SSRF stands for Server-Side Request Forgery. It is a vulnerability that let’s an attacker send crafted requests from the back-end server of a vulnerable web application. Attackers usually […]

How to Automate IDOR using BurpSuit

By Devashish Soni 0 Comment February 28, 2020

What is IDOR IDOR stands for ‘Insecure Direct Object Reference’. It is a security vulnerability in which a user is able to change data or can access data of another users. IDOR occurs when the internal implementation of an object is done without proper validation mechanism which allow an attacker to gain access to these […]

error: Content is protected by Cyberops !!