A few issues ago I presented what is known as client-side WebSocket hijacking. However, this is not the only issue that can occur there. In the end, the backend still processes your input somehow. When it does, standard vulnerabilities with access control or injection...
#13
Meditation
Many people, including me, have such an image in mind when first hearing about meditation. However, that's not the only way to meditate. A far more common way, practised by many people, looks more like sitting on a chair with closed eyes - nothing special from the...
Hack your resume
In the latest live recon, Nahamsec's guest was Jason Haddix. However, this wasn't a standard episode. This time, they focused on creating an InfoSec resume. If you want to know what things you should focus on to impress HR or the security team, definitely watch...
Approaching GraphQL with turned off introspection
GraphQL is a query language that sits somewhere between the client and a backend system. The backend doesn't have to be a database - it might also be a microservice or even a third-party API. A few years ago it was only "something new" but today more and more companies...
Creating wordlists
I'm not a recon-heavy type of hacker. To be honest, understanding and deep diving are much more interesting to me. However, I also want to know something about enumeration. So I took a look at "Creating Wordlists for Hacking, Pentesting & Bug Bounty Hunting Using...
Overlooked vulnerability classes
A few weeks ago, the OWASP Top 10 2021 was released. Unfortunately, it is becoming more and more useful for developers and less useful for hackers. You won't find many concrete vulnerability classes there. Instead, there are generic... hmm bugs? I'm not sure bugs is the...
Get CVEs by hacking WordPress plugins
Wpscan.com are the creators of the tool with the same name. It's definitely something you have used if you have ever approached a WordPress target. They created an ebook about looking for vulnerabilities in WP plugins. It's for you if you prefer white-box testing...
8 non-obvious Burp intruder tricks
Intruder is my second most-used active feature of Burp, after Repeater of course. For a long time, I had been using this tool inefficiently. I just didn't know about it. Now I've learnt a bit and I'm happy to share 8 non-obvious tips that will improve your...