Hello friends, welcome back to my blog.
Today’s blog is a walkthrough of a room from TryHackMe called Lo-FI. It’s a very basic room for Local File Inclusion (LFI), a good starting point for those who want to learn about LFI.

Hello friends, welcome back to my blog.
Recently, I completed the Authentication module from the Web Application Pentesting learning path on TryHackMe. The module is excellent, and I would recommend it to anyone looking to improve their skills in web application pentesting.

Hello Everyone,
I hope you’re all doing well. In this blog post, I’ll walk you through how to quickly set up a vulnerable Active Directory (AD) environment to practice your pentesting skills. We’ll be using a script called Vulnerable-AD

Hello everyone,
After successfully completing the API penetration testing course from APIsec University, I practiced API testing skills on various platforms and encountered the topic of testing for SSRF vulnerabilities in APIs. This blog aims to explain how to search for SSRF in APIs.

Hello Guys…
In this blog, I will walk you through a challenge that I came across. It is all about exploiting a Broadcast receiver vulnerability. The challenge is from a platform called MobileHackingLabs. It’s a really good platform for testing your mobile pentesting skills. So let’s get started.

Hello Friends…
Today’s blog post is about a challenge created by MobileHackingLab. The challenge is called “Food Store.” The goal is to exploit a SQL injection vulnerability and gain elevated privileges within the application.

Hello Friends…
This is the third and final part of the API testing PortSwigger labs series.

Greetings, friends!
I hope that you are all doing well. Today, we continue our API testing lab series, focusing on the identification and interaction with various API endpoints as well as mass assignment vulnerabilities. Let’s delve into the topic!

Hey Friends.
This blog is based on the new module API testing from PortSwigger Academy. I will explain some basic theory in short points. We are mostly focused on practical labs. Let’s get started.

When dealing with Android applications that handle highly sensitive information, it is crucial to ensure that the application does not store data in memory for longer than necessary. This is to prevent potential security breaches, as attackers may exploit memory dumps to access sensitive information. In this guide, we will explore the process of dumping an Android application’s memory using Fridump, an open-source memory dumping tool that utilizes Frida.

Hello guys,
Welcome back to my blog, where today we will delve into the realm of Android vulnerabilities. In a previous post, I discussed how to set up an Android lab environment to kickstart your pentesting career. Now, let’s focus on some commonly encountered vulnerabilities found in Android applications.

Hello Friends,
In this blog, I will walk you through the practical steps to install the necessary tools for Android pentesting. By following this guide, you will be able to set up your lab environment and capture traffic using Burp Suite. So, let’s get started!