01
CORS Misconfiguration
CORS misconfigurations allow malicious websites to make authenticated cross-origin requests and read the responses — effectively bypassing the Same-Origin Polic…
3 min read
→
02
Metasploit Cheatsheet
Metasploit is a staple of the exploitation phase. This cheatsheet covers the full workflow from module selection through post-exploitation — organized for quick…
3 min read
→
03
iOS Pentesting Setup
iOS pentesting requires either a jailbroken device or a Corellium virtual device. This guide walks through the full setup: jailbreak, Frida, Objection, and Burp…
3 min read
→
04
API Pentesting Notes
Modern applications are built on APIs, and APIs introduce their own class of vulnerabilities. This post covers the full API testing methodology from discovery t…
4 min read
→
05
Web Cache Poisoning
Web cache poisoning lets you store a malicious response in a cache that gets served to other users. When a CDN or caching proxy serves your poisoned response to…
3 min read
→
06
LFI & Path Traversal to RCE
Local File Inclusion looks like a read-only file disclosure bug at first. In practice, with the right chaining techniques, it almost always escalates to Remote …
3 min read
→
07
OAuth 2.0 Attack Techniques
OAuth 2.0 is a delegation protocol — and when implemented incorrectly, it becomes a mechanism for account takeover. This post covers every major OAuth attack pa…
3 min read
→
08
Deserialization Attacks
Insecure deserialization converts attacker-supplied data into objects that trigger dangerous code paths. In Java it leads to RCE via gadget chains. In PHP it en…
4 min read
→
09
Frida Cheatsheet
Frida is the most powerful tool in the Android pentesting toolkit. This cheatsheet covers everything from basic method hooking to complex native code intercepti…
4 min read
→
10
Writing Custom Nuclei Templates
Nuclei is powerful out of the box, but the real value comes from writing custom templates for application-specific vulnerabilities. This guide covers the full t…
4 min read
→