CyberiumX

Finding and exploiting an unused API endpoint

PortSwigger- Finding and exploiting an unused API endpoint

Hello Folks, All web applications use an Application Programming Interface (API) which is also vulnerable if exploited by an attacker. So as a penetration tester, we should know how to identify and exploit these API-related vulnerabilities. In this blog, we will understand the complete process which starts from identifying API endpoints, supported HTTP methods, and […]

PortSwigger- Finding and exploiting an unused API endpoint Read More »

E-challan Scam Alert

E-Challan Scam Alert!

In today’s digital age, numerous fraudulent schemes have developed. Traffic violations, similar to various aspects of online services, have turned into a means for scammers. Unscrupulous individuals trick non-guilty users into falling for a contemporary type of trickery called phishing. They are informed about alleged traffic violations through alerts and, once they click a link or download an application, the scammers use this opportunity to rob their bank accounts and disappear without a trace.

E-Challan Scam Alert! Read More »

Whats Your Name Tryhackme walkthrough

TryHackMe- Whats Your Name?

Hello Folks, In this blog, we are going to solve a challenge that will test our client-side exploitation skills. The name of this challenge is “Whats Your Name?” and it is available on the TryHackMe platform. This CTF is only available to TryHackMe subscribers. We will be exploring some web application vulnerabilities like Cross-site Scripting

TryHackMe- Whats Your Name? Read More »

Blind SQL Injection

PortSwigger- Blind-Based SQL Injection- I

In this blog, we will understand one of the most identifiable and difficult types of SQL Injection vulnerability. It is Blind SQL Injection. We will learn about the same using PortSwigger platform. Let’s begin the blog and understand the meaning of blind SQL injection vulnerability. Blind SQL injection vulnerabilities are those where we send a malicious SQL query to the server but we don’t receive any direct output in the response.

PortSwigger- Blind-Based SQL Injection- I Read More »

Examining the database using Union based SQL injection on PortSwigger

PortSwigger- Examining the Database using Union-based SQL Injection

Hello folks, This blog will be based on Examining the Database using Union-based SQL Injection vulnerabilities. We will understand how we can get the database version and information related to tables and columns present in the database. We will explore the same on the PortSwigger platform. We have discussed the basics of Union-based SQL injection

PortSwigger- Examining the Database using Union-based SQL Injection Read More »

Scroll to Top