Shaurya Sharma · Everything about CSP (Content Security Policy) and bypassing it Like a PRO!! · What is CSP? 🤔 Content Security Policy (CSP) is a security feature implemented by modern web browsers to prevent various types of attacks… · Aug 17
Shaurya Sharma · Privilege escalation through insecure configuration. · First of all, let’s deal with the insecure configuration. To begin with, IT professionals often use manuals and resources like… · Jun 29, 2021
Shaurya Sharma · Cracking JWT signature · I am testing an API that uses JWT for authentication. This JWT is signed HS256 to prevent modification. I figured that if I define the… · Jun 1, 2021
Shaurya Sharma · Automate WordPress recon for Bug Bounty | WordPress: Cheat sheet · WordPress is a fairly large and complex product, with its own pros and cons, so there are a sufficient number of tools that allow you to… · Mar 23, 2021
Shaurya Sharma · Bypassing WAF with incorrect proxy settings for Hunting Bugs. · Let’s Suppose the target system has the address-: · Feb 24, 2021
Shaurya Sharma in InfoSec Write-ups · Bounty Tip !! Easiest way to bypass API’s Rate Limit. · What is Rate Limit ? · Apr 14, 2020
Shaurya Sharma in InfoSec Write-ups · Bounty Tip: How to bypass authorization in SAML ! · Security Assertion Markup Language (SAML) is an open XML-based standard for exchanging authentication and authorization data between… · Apr 3, 2020
Shaurya Sharma in InfoSec Write-ups · Bounty Tip- Open redirection escalated further into an XSS !! · What is Open Redirection? · Mar 22, 2020