Hey guys. Welcome to this new post from ENCIPHERS. If you are here, we are already presuming that you know what XSS is and the major types of XSS(i.e Reflected and Stored). Plus there is DOM-based XSS too which is not that common as those other two. We... Read more »
Category: Web App Security
Doing RECON the correct way
Hey guys, today we will discuss Information gathering aka Recon which is the foundation of every bug bounties or penetration tests which you will ever do. Many security researchers have found many CRITICAL and HIGH priority bugs just by doing proper information... Read more »
A User can change the personal details of any other user
Hi everyone. Welcome to this new post from ENCIPHERS. So recently, our team at ENCIPHERS conducted a penetration test for a certain company. The company is a very reputed one in the field of Money Investment and Real State business and it has a lot of... Read more »
Knoxss vs Burpsuite(A practical Demonstration)
Hello guys. So this is going to be an interesting blog as we are going to watch a practical demonstration of two awesome tools in the penetration testing industry. One is Burpsuite. If you are here, then we probably assume that you know what Burpsuite... Read more »
How can Expired URL’s lead to an all new kind of vulnerability?
Hey guys. Actually, this is the 2nd part of the vulnerability which we discussed in the earlier post. You can read that post from here. Now if you read the post, you will get to know that we have discussed the IDOR which we got in the e-commerce application. What... Read more »
Bypassing Cloudflare WAF to get more vulnerabilities
Hey guys, If you have been doing penetration testing or bug bounties for some time now, then you must have come across applications which uses Cloudflare as their Content Delivery Network(CDN). As a new bug bounty hunter or penetration tester, you must... Read more »
IDOR to change the email notifications of user
Hey guys. Welcome to this new post from ENCIPHERS. Recently we have been writing a lot about bypass of different access controls and in the recent pentest conducted by our team, we again got some medium priority vulnerabilities regarding horizontal access... Read more »
Doing Subdomain Enumeration the right way
Hey guys. Welcome to this new post from ENCIPHERS. For the last few months, we have been continuously writing about different Findings and the approach our team took to find those. But there was one thing, which we wanted to share and that was the very... Read more »
Bypassing Access Control to see the private videos of an user
Hello security professionals. In the last post, we talked about the XSS finding in the recent penetration test conducted by our company ENCIPHERS. Here is a link to that post. In the same penetration test, we found another vulnerability which was really... Read more »
How self XSS got turned into an stored XSS ?
Hey everyone. Our company ENCIPHERS recently conducted a penetration test for a certain client XYZ and in this post, we will be sharing my XSS finding which was among the most critical vulnerabilities we found in the application. The client here was a... Read more »
Some quick checks to do in the password reset implementation during a pentest
Hello and welcome everyone to this new post from ENCIPHERS. Passwords are the first line of defense against any security attack. You must have already been told to use a hard and long password containing different kinds of characters. Password policies... Read more »
How missing access control can make your application hacker-friendly?
Welcome back my hacker friends. If you have already gone through the OWASP TOP 10 for 2017, you will find that Broken Access Control is in the 5th position on the list. In the recent penetration tests, our team at ENCIPHERS found a whole lot of vulnerabilities... Read more »