In an era where cybersecurity threats are increasingly sophisticated, the importance of secure password management cannot be overstated. Password managers like KeePass aim to protect our sensitive information, but they are not immune to vulnerabilities. …

On January 18th, 2023, Synacktiv released an advisory regarding a vulnerability in sudo (CVE-2023–22809). This vulnerability allows users to escalate their privilege. Once a user has sudo privilege it’s pointless to say that is “what all he can do in that system”!!!! But to exploit the vulnerability It requires two…

On July 1st,2023, there was news that a “Vulnerability in WordPress plugin with 200,000+ active installations allows full site takeover with only “trivial” effort”.A CVE was also assigned to the vulnerability as CVE-2023–3460, with a CVSS v3.1 score of 9.8 (“critical”), As there was no publicly available exploit to use…

Objective: Understanding Cross-Site Request Forgery (CSRF) and Its Implementation. Introduction: In today’s interconnected web landscape, security threats are a persistent concern for businesses and individuals. Cross-Site Request Forgery (CSRF) is one such vulnerability that poses a significant risk to web applications. …

RTSP is Known as Real-time Streaming Protocol and is supported by all IP cameras, network video recorders, hybrid video recorders, and many more modern high-definition digital video recorders. The protocol is similar to the HTTP protocol and commonly used for streaming media content. …

CORS can only be completed by mentioning SOP or same-origin policy. So we should start with SOP before diving into CORS. What is SOP ??? The same-origin policy is a web browser security mechanism that aims to prevent websites from attacking each other. The same-origin policy restricts scripts on one…

Sometimes, an attacker sends payloads to hack a system. Still, nothing is returned by the application, which can confirm that the application is insecure or hackable as the process he interacted with is Blind. If we simplify the hacking then, it usually means that an attacker will send some data…

Do you love open Wi-Fi? Wait before latching onto open Wi-Fi read this, I am your opinion would change. Hackers many a times leave the their Wi-Fi open to use it as a bait. When someone connects their device to their open Wi-Fi, our device’s MAC address and IP address…

Hello OutThere Today I am going to write about a specific vulnerability which I have found in some of the web applications that I have pentested in past The vulnerability is race condition . Description:-As per the OWASP testing guide, “A race condition is a flaw that produces an unexpected result when…