Shaurya Sharma
Privilege escalation through insecure configuration.
First of all, let’s deal with the insecure configuration. To begin with, IT professionals often use manuals and resources like…
9 min read · Jun 29, 2021

Shaurya Sharma
Cracking JWT signature
I am testing an API that uses JWT for authentication. This JWT is signed HS256 to prevent modification. I figured that if I define the…
2 min read · Jun 1, 2021

Shaurya Sharma
Automate WordPress recon for Bug Bounty | WordPress: Cheat sheet
WordPress is a fairly large and complex product, with its own pros and cons, so there are a sufficient number of tools that allow you to…
2 min read · Mar 23, 2021

Shaurya Sharma
Bypassing WAF with incorrect proxy settings for Hunting Bugs.
Let’s Suppose the target system has the address-:
2 min read · Feb 24, 2021

Shaurya Sharma in InfoSec Write-ups
Bounty Tip !! Easiest way to bypass API’s Rate Limit.
What is Rate Limit ?
2 min read · Apr 14, 2020

Shaurya Sharma in InfoSec Write-ups
Bounty Tip: How to bypass authorization in SAML !
Security Assertion Markup Language (SAML) is an open XML-based standard for exchanging authentication and authorization data between…
2 min read · Apr 3, 2020

Shaurya Sharma in InfoSec Write-ups
Bounty Tip- Open redirection escalated further into an XSS !!
What is Open Redirection?
2 min read · Mar 22, 2020

Shaurya Sharma in InfoSec Write-ups
Everything you want to know about IOT Security ! Simplified
The Internet of things is a network of devices that are connected to the Internet, controlled through it, and can exchange data with each…
3 min read · Mar 19, 2020