Xposed Framework Plugins For  Android Pentesting

Xposed Framework Plugins For Android Pentesting

Mobile App Security
The workflow of Xposed framework Plugins for Android Pentesting Xposed framework Plugins for Android Pentesting helps in various android pentesting related...
Read More
Awesome Android Application Security

Awesome Android Application Security

Mobile App Security
Android Application Security This is a write-up of Android Application Security resources and tools which helps in Android Application pentesting...
Read More
Awesome iOS Application Security

Awesome iOS Application Security

Mobile App Security
This is a repository of iOS Security resources and tools which can be used in iOS pentesting and security research....
Read More
Markdown For Penetration testers & Bug-bounty hunters

Markdown For Penetration testers & Bug-bounty hunters

Web App Security
why is Markdown For Penetration testers & Bug-bounty hunters Our guide "Markdown For Penetration testers & Bug-bounty hunters" will make...
Read More
Mobexler : A Mobile Application Security Testing Platform

Mobexler : A Mobile Application Security Testing Platform

Mobile App Security
Mobexler is a Mobile Application Penetration Testing Platform, customised to include all tools required for penetration testing of Android & iOS applications. Mobexler comes preinstalled with various open source tools, ...
Read More
Finding and exploiting Blind XSS

Finding and exploiting Blind XSS

Web App Security
If you are here, we are already presuming that you know what XSS is and the major types of XSS(i.e Reflected and Stored). Plus there is DOM-based XSS too which ...
Read More
Doing RECON the correct way

Doing RECON the correct way

Web App Security
Hey guys, today we will discuss Information gathering aka Recon which is the foundation of every bug bounties or penetration tests which you will ever do. Many security researchers have ...
Read More
A User can change the personal details of any other user broken access control

A User can change the personal details of any other user broken access control

Web App Security
Broken Access Control Hi everyone. Welcome to this new post from ENCIPHERS. So recently, our team at ENCIPHERS conducted a penetration test for a certain company. The company is a ...
Read More
Knoxss vs Burpsuite(A practical Demonstration)

Knoxss vs Burpsuite(A practical Demonstration)

Web App Security
Knoxss vs Burpsuite Hello guys. So this is going to be an interesting blog as we are going to watch a practical demonstration of two awesome tools in the penetration ...
Read More
How can Expired URLs lead to an all-new kind of vulnerability?

How can Expired URLs lead to an all-new kind of vulnerability?

Web App Security
Hey guys. Actually, this is the 2nd part of the vulnerability which we discussed in the earlier post. You can read that post from here. Now if you read the ...
Read More
Bypassing Cloudflare WAF to get more vulnerabilities

Bypassing Cloudflare WAF to get more vulnerabilities

Web App Security
Bypassing WAF (Web Application Firewall) Hey guys, If you have been doing penetration testing or bug bounties for some time now, then you must have come across applications which uses ...
Read More
IDOR to change the email notifications of user

IDOR to change the email notifications of user

Web App Security
IDOR Hey guys. Welcome to this new post from ENCIPHERS. Recently we have been writing a lot about bypass of different access controls and in the recent pentest conducted by ...
Read More
Doing Subdomain Enumeration the right way

Doing Subdomain Enumeration the right way

Web App Security
Hey guys. Welcome to this new post from ENCIPHERS. For the last few months, we have been continuously writing about different Findings and the approach our team took to find ...
Read More
Bypassing Access Control to see the private videos of a user

Bypassing Access Control to see the private videos of a user

Web App Security
Hello security professionals. In the last post, we talked about the XSS finding in the recent penetration test conducted by our company ENCIPHERS. Here is a link to that post. ...
Read More
How self XSS got turned into a stored XSS?

How self XSS got turned into a stored XSS?

Web App Security
self XSS Hey everyone. Our company ENCIPHERS recently conducted a penetration test for a certain client XYZ and in this post, we will be sharing my XSS finding which was ...
Read More
1 2 3