How self XSS got turned into a stored XSS?

Web App Security
Hey everyone. Our company ENCIPHERS recently conducted a penetration test for a certain client XYZ and in this post, we will be sharing my XSS finding which was ...
Some quick checks to do in the password reset implementation during a pentest

Web App Security
Hello and welcome everyone to this new post from ENCIPHERS. Passwords are the first line of defense against any security attack. You must have already been told to use a ...
How missing access control can make your application hacker-friendly?

Web App Security
Welcome back, my hacker friends. If you have already gone through the OWASP TOP 10 for 2017, you will find that Broken Access Control is in the 5th position on ...
Our three favorite Burp Suite extensions and how to use them

Web App Security
Hey there. In this post, we will be talking about some of the most popular Burp Suite extensions and their different features. If you have been doing penetration testing ...
Subdomain Takeover

Web App Security
Hello, everyone. We have talked a lot about the TOP 10 web application vulnerabilities by OWASP in the other posts. This time we are going to learn something new which ...
How to exploit XXE vulnerabilities?

Web App Security
Hi everyone. In this blog, we are going to discuss a critical web application vulnerability known as the XML External Entity vulnerability, also known as XXE. XXE is at the 4th ...
Different tricks to get ‘XSS’

Web App Security
Hey guys. Welcome to the new post from ENCIPHERS. As you probably know, Cross Site Scripting is the most prevalent vulnerability present in any web application ...
Beginner’s guide to Bug Bounty hunting

Web App Security
Wanna know how to start with Bug Bounties and why do thousands of security researchers from all over the world spend most of their time on public bug bounties, then ...
Utilizing Burpsuite Extensions

Web App Security
So it’s almost the end of the year 2K17, and guess what, we wanted to tell you people about some really cool stuff which will definitely help you in your ...
Creating a CSRF PoC using Burp Pro?

Web App Security
Hello, my hacker friends and the whole security community out there. We have discussed a whole lot of random topics previously and we do guess that you people must have ...
Injection Attacks

Web App Security
Hey everyone, welcome to this new post on Injection attacks. We had already discussed the SQL Injection attack in one of our previous posts. Since SQL Injection was a big topic, ...
Common security issues in Authentication – Part 2

Web App Security
Welcome everyone to this second and final post of the authentication testing series. In the first part, we saw the 4 major tests that should be kept in mind as a ...
Common security issues in Authentication – Part 1

Web App Security
Hey, everyone. This topic of authentication testing will actually be divided into two posts as it is quite a long topic and we have to share quite a few things with ...
Using Google for hacking and GHDB

Web App Security
So the title of this post looks quite catchy, doesn’t it? But be assured because yes we will really hack Google “Search” not only for the sole purpose of helping ...
BurpSuite – Swiss Knife for penetration testers

Web App Security
Welcome back everyone to this brand new blog post. There are so many different tools and applications for pentesters but did you ever think which is the most loved one ...