Category Uncategorized

Exif meta data worth $XXXX

What is Exif metadata? A photo’s EXIF data contains a ton of information about your camera, and potentially where the picture was taken (GPS coordinates). That means, if you’re sharing images, there are a lot of details others can glean…

How I was able to get extra coins

Before we start, we have to understand how Frida works. What is Frida? It’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript or your own library into native apps on Windows, macOS, GNU/Linux, iOS, Android, and…

API key

What is an API? An application programming interface key is a unique identifier used to authenticate a user, developer, or calling program to an API. However, it is typically used to authenticate a project with the API rather than a human…

Tail of IDOR

What is IDOR? An IDOR (insecure direct object reference) occurs when a reference to an internal implementation object, such as a file or database key, is exposed to users without any other access control. In such cases, the attacker can manipulate those references to get access to…

Using P3 Bug to escalate other P4 to P3

What is Sensitive Data Exposure? Sensitive Data Exposure occurs when an application does not adequately protect sensitive information. The data can vary, and anything from passwords, email IDs, session tokens, and credit card data to private health data and more can be…

Account takeover CSRF Misconfiguration

What is CSRF? Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re currently authenticated. CSRF attacks specifically target state-changing requests, not theft of data, since the…