What is race condition ? Multiple resources trying to access same resource. example: you are booking a train ticket online and only a single seat ( assume seat no:5 ) is there. now you book a ticket for that seat and at the same time some other person from the different locations also booking the […]
BUG: BUSINESS LOGIC Case Study As this was a private program all illustrations of vulnerabilities will be represented with the host as example.com The application is built to play Quiz and win reward points that can be used as money to play Quiz example: 10 reward points = 1 Rs to play a quiz you […]
What is API? An application programming interface key is a unique identifier used to authenticate a user, developer, or calling program to an API. However, they are typically used to authenticate a project with the API rather than a human user. Where to find? 1: Source code : Right click on web_application –> inspect element […]
What is IDOR? when a reference to an internal implementation object, such as a file or database key, is exposed to users without any other access control. In such cases, the attacker can manipulate those references to get access to unauthorized data. Case Study As this was a private program all illustrations of vulnerabilities will […]
What is Sensitive Data Exposure? Sensitive Data Exposure occurs when an application does not adequately protect sensitive information. The data can vary and anything from passwords, Email-id, session tokens, credit card data to private health data and more can be exposed. Case Study As this was a private program all illustrations of vulnerabilities will be […]
Case Study As this was a private program all illustrations of vulnerabilities will be represented with the host as example.com The application had a Registration page where a user could register a new Email-id and password which allowed him to log in to the application via the login page. Registration process Enter email-id and password […]