#web-security
8 articles
NoSQL Injection: Exploitation Techniques and Attack Scenarios 💣
Exploiting NoSQL injection—syntax and operator injection ($ne, $in, $regex)—to bypass authentication and extract data from MongoDB-style databases.
·6 min readSubdomain Takeover: When Your Own Domain Becomes Your Enemy 🕵️♂️
How dangling DNS records pointing to unclaimed services enable subdomain takeover—covering discovery, exploitation, detection, and mitigation.
·5 min readWhy IDORs Are Everywhere — And How to Find Them — Part I
How predictable sequential IDs exposed thousands of customer invoices, plus a methodology for spotting horizontal, vertical, and blind IDORs.
·5 min readHow We Discovered a Stored HTML Injection in a Chatbot System 🕷️
Finding a stored HTML injection in an AI chatbot that rendered unsanitized messages server-side, opening the door to defacement and phishing.
·4 min readSSRF: When Your Server Becomes a Nosy Hacker — Part 1
Exploiting SSRF for internal recon and cloud-metadata access, with bypass techniques like IP encoding and DNS rebinding—and real-world impact.
·8 min readRate Limiting: When Your Server Says Chill, Bro.
How rate limiting works—token bucket, leaky bucket, sliding window—and the bypass tricks (IP rotation, header tampering) attackers use against it.
·5 min readThe Silent Threat: Understanding Pre-Account Takeover Attacks 🕵️♀️
How pre-account-takeover attacks exploit identity gaps before signup via domain interception and typosquatting—plus how to defend against them.
·5 min readWhen Data Whispers Secrets: Understanding Sensitive Information Disclosure in Modern Systems 🔐
A tour of information-disclosure bugs—verbose errors, metadata leaks, IDOR, directory listing, hardcoded secrets—and how to prevent each one.
·5 min read