Blog

CSRF CTF Challenge Nov-23 Solution

What is CSRF? Cross-Site Request Forgery (CSRF) is a type of security vulnerability that occurs when an attacker tricks a user’s web browser into unintentionally making a request to a web application on which the user is authenticated. This can lead to the execution of unauthorized actions on behalf of the user without their

The Tale of Insecure Deserialization

Today I am going to give you a good understanding of one of the vulnerabilities listed in the OWASP Top 10 for the web category: Insecure Deserialization. We will cover everything from the basic concepts of serialization and deserialization all the way to the exploitation part. So let’s not waste more time and dive directly into it. Introduction:

JWT Algorithm Confusion Attack Solution

What is JWT? JWT (JSON Web Token) is a widely used open standard for securely transmitting information between parties as a JSON object. It is commonly used for authentication and authorization purposes in web applications. JWT consists of three parts: a header, a payload, and a signature. What is Algorithm Confusion Attack? In an algorithm

Analysis of SSTI Vulnerability Reports

Hello everyone, today we will analyze SSTI vulnerabilities that were found on HackerOne. SSTI stands for Server-Side Template Injection, a vulnerability that occurs when an application allows user-controlled data to be embedded directly into server-side templates. Researchers can exploit this vulnerability to execute arbitrary code or gain unauthorized access to