why is Markdown For Penetration testers & Bug-bounty hunters Our guide “Markdown For Penetration testers & Bug-bounty hunters” will make this clear. why markdown is so cool for writing reports just follow along. In penetration... Read more »
Category: Web App Security
Finding and exploiting Blind XSS
If you are here, we are already presuming that you know what XSS is and the major types of XSS(i.e Reflected and Stored). Plus there is DOM-based XSS too which is not that common as those other two. We have discussed in great depth about the different... Read more »
Doing RECON the correct way
z Hey guys, today we will discuss Information gathering aka Recon which is the foundation of every bug bounties or penetration tests which you will ever do. Many security researchers have found many CRITICAL and HIGH priority bugs just by doing proper... Read more »
A User can change the personal details of any other user broken access control
Broken Access Control Hi everyone. Welcome to this new post from ENCIPHERS. So recently, our team at ENCIPHERS conducted a penetration test for a certain company. The company is a very reputed one in the field of Money Investment and Real State business... Read more »
Knoxss vs Burpsuite(A practical Demonstration)
Knoxss vs Burpsuite Hello guys. So this is going to be an interesting blog as we are going to watch a practical demonstration of two awesome tools in the penetration testing industry those are Knoxss vs Burpsuite. One is Burpsuite. If you are here, then... Read more »
How can Expired URLs lead to an all-new kind of vulnerability?
Hey guys. Actually, this is the 2nd part of the vulnerability which we discussed in the earlier post. You can read that post from here. Now if you read the post, you will get to know that we have discussed the IDOR which we got in the e-commerce application. What... Read more »
Bypassing Cloudflare WAF to get more vulnerabilities
Bypassing WAF (Web Application Firewall) Hey guys, If you have been doing penetration testing or bug bounties for some time now, then you must have come across applications which uses Cloudflare as their Content Delivery Network(CDN) in this case you... Read more »
IDOR to change the email notifications of user
IDOR Hey guys. Welcome to this new post from ENCIPHERS. Recently we have been writing a lot about bypass of different access controls and in the recent pentest conducted by our team, we again got some medium priority vulnerabilities regarding horizontal... Read more »
Doing Subdomain Enumeration the right way
Hey guys. Welcome to this new post from ENCIPHERS. For the last few months, we have been continuously writing about different Findings and the approach our team took to find those. But there was one thing, which we wanted to share and that was the very... Read more »
Bypassing Access Control to see the private videos of a user
Hello security professionals. In the last post, we talked about the XSS finding in the recent penetration test conducted by our company ENCIPHERS. Here is a link to that post. In the same penetration test, we found another vulnerability which was really... Read more »
How self XSS got turned into a stored XSS?
self XSS Hey everyone. Our company ENCIPHERS recently conducted a penetration test for a certain client XYZ and in this post, we will be sharing my XSS finding which was among the most critical vulnerabilities we found in the application. The client here... Read more »
Some quick checks to do in the password reset implementation during a pentest
Hello and welcome everyone to this new post from ENCIPHERS. Passwords are the first line of defense against any security attack. You must have already been told to use a hard and long password containing different kinds of characters. Password policies... Read more »