Toolkit to detect and keep track on Blind XSS, XXE & SSRF - SpiderMate/B-XSSRF

This is my second blog about #bugbounty.You can check out my first blog that is full of resources and content for bug bounty hunters. If…

Alternative ways to retrieve table names in MySQL — without information_schema.

A bug chain of HTTP Request Smuggling that led to account takeover

Hello Guys,
Just a Rough analysis of bugs Disclosed Publicly about CRLF injection

Introduction :

  Bug Bounty Tips Over the past years we have shared a lot of  tips to help our readers in one way or another. Thinking outside the box or trying a different approach could be the defining factor in...

Today in "from 0 to pentesting hero" we will talk about a function that checks if a file with the given name exists on the hard drive.
Could such a simple functionality be harmful? You will find out in today's episode.

Blackhat presentation: https://github.com/s…

When looking for security vulnerabilities on a web application - either for bug hunting or a penetration test project -, I always check 2…

SSRF exploitation. There is such a thing as SSRF. There’s lots of information about it, but here is my quick summary.🔍

Insights from Europe’s #1 ethical hacker community As a community-driven platform, we build upon the insights and feedback from our valuable hackers. Over the past few months, we’ve asked our researcher community various questions concerning bug bounties…

Purchase my Bug Bounty Course here 👉🏼 bugbounty.nahamsec.training
Live every Sunday on Twitch:
https://twitch.tv/nahamsec

Follow me on social media:
https://twitter.com/nahamsec
https://instagram.com/nahamsec
https://twitch.com/nahamsec
https://hackerone.com/nahamsec…

Repeater is one of the most frequently used part of Burp Suite. But there is plenty of hidden features there. Do you know all of them? Check my video with 12 tricks.

0:09 Change tab name
0:24 Restore closed tab
0:44 Request history
0:55 Auto scroll
1:19…

Hello readers,

Been in the bug bounty and/or ethical hacking scene for more than 2 years now and this is my first write-up (I hope you bear with me)…