Blogs

HackTheBox (HTB) Walk-through: { Curling } | by secureITmania | InfoSec Write-ups

A little boring story: Being an IT security researcher I always try to grow my knowledge in terms …

Tags: hackthebox, CTF Writeup, LevelUp, ReverseShell, CyberSecurity

How I exploit the JSON CSRF with method override technique | by secureITmania | InfoSec Write-ups

CSRF (Cross-Site Request Forgery) is a kind of web application vulnerability, using this a malevolen…

Tags: CSRF, WebSecurity, BugBounty, Hacking

A secret note to Bug hunters about URL structure and its parsers. | by secureITmania | entersoftsecurity | Medium

We all are familiar with the internet, so we are also familiar with URLs. We can easily recognize a…

Tags: URL, DNS, WebSecurity, SSRF

Hack crypto secrets from heap memory to exploit Android application | by secureITmania | InfoSec Write-ups

In the recent private bugbounty program, I faced a challenge. In which the application request body…

Tags: AndroidPentesting, Mobile Security, HeapMemory, ReverseEngineering, Sensitive Data Exposure

Let’s know How I have explored the buried secrets in React Native application | by secureITmania | InfoSec Write-ups

React Native is a mobile application framework that is most commonly used to develop applications f…

Tags: AndroidPentesting, Mobile Security, ReactNative, ReverseEngineering, Sensitive Data Exposure

Let’s know How I have explored the buried secrets in Xamarin application | by secureITmania | InfoSec Write-ups

Xamarin is a free and open source mobile app platform for building native and high-performance iOS,…

Tags: AndroidPentesting, Mobile Security, Xamarin, ReverseEngineering, Sensitive Data Exposure

An unknown Linux secret that turned SSRF to OS Command injection | by secureITmania | Medium

SSRF stands for Server-Side Request Forgery. SSRF is a kind of web application vulnerability. Using…

Tags: SSRF, websecurity, bugbounty, Hacking, API Security, InformationSecurity, OS Command, OWASPTop10

Genymotion+Xposed+Inspeckage. Android application dynamic analysis… | by secureITmania | InfoSec Write-ups

To perform the Android application penetration testing we need a rooted Android device. But it is n…

Tags: Android Security, Android PT, Infosec, MobileSecurity

Never leave this tip while you hunting Broken Access Control | by secureITmania | Medium

Broken Access Control is a type of weakness in the software program or application. If the system g…

Tags: Broken Access Control, IDOR, BugBounty, Infosec