How I was able to Load Money Into My Account. What are business Logic vulnerabilities? Business Logic Vulnerabilities come down to imperfections within the execution and plan of your application or site. In the event that you accept that your site or app is as it was progressing to be utilized by genuine clients, there will be no frame of…

User Enumeration:

Hello Everyone, Welcome to another blog. To people who don’t know me myself Ganesh, I am a security analyst at WesecureApp and a Part-time bug bounty hunter at Bugcrowd. What is CVE 2020–3452? A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat…

HTTP VERB TAMPERING: HTTP Verb Altering is an assault that misuses vulnerabilities in HTTP verb (too known as HTTP strategy) verification and gets to control components. …

Thanks, hackers community, You all inspire me a lot. Insecure Direct Object Reference (called IDOR from here) occurs when a application exposes a reference to an internal implementation object. Using this way, it reveals the real identifier and format/pattern used of the element in the storage backend side. …

What is Hadoop? Hadoop is an open-source software framework for storing data and running applications on clusters of commodity hardware. It provides massive storage for any kind of data, enormous processing power and the ability to handle virtually limitless concurrent tasks or jobs. Types of components in Hadoop? Storage Unit → HDFS (Hadoop…

Let me thank all the bug bounty hunters over there who are creating great content and inspiring a lot of people like me. Thank You, community folks, @stokfredik @hakluke @farah_hawa01 @dhakal_ananda @adityashende17 Bugcrowd Mentors: @akhilreni_hs @rakesh_3895 Hello Everyone, Welcome to another blog. To people who don’t know me myself Ganesh…

Let me thank all the bug bounty hunters over there who are creating great content and inspiring a lot of people like me. Thank You, community folks, @akhilreni_hs @stokfredik @hakluke @farah_hawa01 @dhakal_ananda @adityashende17 @bugcrowd @rakesh_3895 Hello Everyone, Welcome to another blog. To people who don’t know me myself Ganesh, I…

Let me thank all the bug bounty hunters over there who are creating great content and inspiring a lot of people like me. Thank You, community folks, @akhilreni_hs @stokfredik @hakluke @farah_hawa01 @dhakal_ananda @adityashende17 @bugcrowd @rakesh_3895 Hi Guys, Myself Ganesh, I am a security analyst at WesecureApp and a part-time bug…