SALA7 Bypass

A comprehensive technical deep-dive into SAL7-Bypass, a Burp Suite extension designed for systematic testing of HTTP access control bypass techniques including IP spoofing, method switching, authentication removal, path manipulation, and rate limiting circumvention. This blog covers the complete architecture, implementation details, and testing methodology for identifying 403 Forbidden, 401 Unauthorized, and 429 Too Many Requests bypass vulnerabilities in web applications and APIs.

How did I gain RCE and dump the database from Android Application

Chain of attackes lead to remote code execution MSSQL servers

CVE-2023-47261

Chain of attackes lead to remote code execution on Dokmee ECM through 7.4.6

Devzat

in this blog i've explained how to root Devzat from HackTheBox

Internal

in this blog i've explained how to root Internal from TryHackMe

Horizontall

in this blog i've explained how to root Previse from HackTheBox

Previse

in this blog i've explained how to root Previse from HackTheBox

Kenobi

in this blog i've explained how to root Kenobi from TryHackMe

XML external external (XXE) injection Vulnerabilities

in this blog i've explained how to XML external external (XXE) injection Vulnerabilities and labs in PortSwigger

Cross-origin resource sharing Vulnerabilities

in this blog i've explained how to Cross-origin resource sharing Vulnerabilities and labs in PortSwigger

Directory Traversal Vulnerabilities

in this blog i've explained how to Directory Traversal Vulnerabilities and labs in PortSwigger

OS command injection

in this blog i've explained how to solve OS command injection labs in PortSwigger

Authentication Vulnerabilities

in this blog i've explained how to solve Authentication Vulnerabilities and labs in PortSwigger