infosec-write-ups-medium
feeds.twtxt.netNo description provided.
Top 5 Open Source Tools to Scan Your Code for Vulnerabilities
These tools help you find security flaws in your code before attackers do.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/top-5-open-source-tools-to-s … ⌘ Read more
Administrator | HackTheBox ⌘ Read more
**The Fastest Way to Learn Web Hacking in 2025 (With Free Resources) **
🔓Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/the-fastest-way-to-learn-web-hacking-in-2025-with-free-resourc … ⌘ Read more
Hidden Tricks to Spot Phishing Emails Before They Trick You!
Phishing emails are like traps set by cybercriminals to trick you into sharing personal details, clicking dangerous links, or downloading…
[Continue reading on InfoSec Write-ups … ⌘ Read more
** Hostile Host Headers: How I Hijacked the App with One Sneaky Header **
Hey there!😊
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/hostile-host-headers-how-i-hijacked-the-app-with-one-sneaky-hea … ⌘ Read more
Unrestricted Access to All User Information | REST API Oversharing ⌘ Read more
GitLab CI for Python Developers: A Complete Guide
Automating Testing, Linting, and Deployment for Python projects using GitLab CI/CD
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/gitlab-ci-for-python-developers-a-complete-guide-83794cb91 … ⌘ Read more
** How I discovered a hidden user thanks to server responses ?**
My first real step into web hacking and it wasn’t what i thought it would be.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-i-discovered-a-hidde … ⌘ Read more
PNPT Exam Review — 2025 ⌘ Read more
How to Build a Threat Detection Pipeline from Scratch (Like a Cyber Ninja!)
Hey, cyber fam! Have you ever asked yourself:
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-build-a-threat … ⌘ Read more
Nothing changed… except for one detail. And that was enough to hack
Sometimes, hacking doesn’t require any exploit… just good observation.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/nothing-c … ⌘ Read more
Email Verification Bypass during Account Creation | Insecure Design ⌘ Read more
How to Create a Botnet Using One Tool: A Proof of Concept for Educational Purposes Aspiring…
Learn how attackers build and control botnets — safely and ethically — using … ⌘ Read more
**Burp, Bounce, and Break: How Web Cache Poisoning Let Me Control the App **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/burp-bounce-and-break-how-web-cache-poisoning-let-me-con … ⌘ Read more
OWASP Juice Shop | Part 2 — Bully Chatbot ⌘ Read more
OWASP Juice Shop | Part 1 — ScoreBoard Solution — StrawHat Hackers ⌘ Read more
How to Set Up a Honeypot for Your Apache2 Server ⌘ Read more
I Lost $3,750 in 30 Seconds — The ATO Bug 99% of Hackers Miss (Here’s How to Avoid It)
The 1 Burp Suite Mistake That Cost Me $3,750 — Fix It in 30 Seconds
[Continue reading on InfoSec Writ … ⌘ Read more
SOC L1 Alert Reporting : Step-by-Step Walkthrough | Tryhackme
As a SOC analyst, it is important to detect high-severity logs and handle them to protect against disasters. A SOC analyst plays the…
[Continue reading on InfoSec Write-ups … ⌘ Read more
**404 to 0wnage: How a Broken Link Led Me to Admin Panel Access **
Hey there!😁
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/404-to-0wnage-how-a-broken-link-led-me-to-admin-panel-access-2b58e1fffaa3?source=r … ⌘ Read more
How to Start Bug Bounty in 2025 (No Experience, No Problem)
✅Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/how-to-start-bug-bounty-in-2025-no-experience-no-problem-89adc68da592?source=rss—-7b … ⌘ Read more
️ Hacking and Securing Kubernetes: A Deep Dive into Cluster Security
Disclaimer: This document is for educational purposes only. Exploiting systems without authorization is illegal and punishable by … ⌘ Read more
️ Free TryHackMe Jr Penetration Tester Roadmap with Resources and Labs
A free, TryHackMe-inspired roadmap with resources and labs to kickstart your penetration testing journey.
[Continue read … ⌘ Read more
5 Tools I Wish I Knew When I Started Hacking ⌘ Read more
Black Basta Leak Analysis ⌘ Read more
I Clicked a Random Button in Google Slides — Then Google Paid Me $2,240
The strange trick that exposed a hidden security flaw (and how you can find bugs like this too).
[Continue reading on InfoSec Write-ups »](https://in … ⌘ Read more
Lab: Exploiting an API endpoint using documentation
We will solve this lab based on the API documentation exposed to delete Carlos’s user.
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/lab-exploiting-an-api-endpoint-using-d … ⌘ Read more
** HTTP Parameter Pollution: The Dirty Little Secret That Gave Me Full Backend Access ️**
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.co … ⌘ Read more
Chaining Bugs Like a Hacker: IDOR to Account Takeover in 10 Minutes
🚀Free Article Link…
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/chaining-bugs-like-a-hacker-idor-to-account-takeover-in-1 … ⌘ Read more
Reflected XSS using Bookmark ⌘ Read more
Exposed Secrets in JavaScript Files
🔥Free Article https://medium.com/@Abhijeet_kumawat_/exposed-secrets-in-javascript-files-430a76834952?sk=ffd9ca6c8ede38ac77dcb68a507b9299
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/exposed-secrets-in-javascript-fi … ⌘ Read more
**How I Hijacked OAuth Tokens Through a Parallel Auth Flow Race Condition — $8500 P1 Bug Bounty ** ⌘ Read more
BL!ND.exe || Breaching Databases in Total Silence ⌘ Read more
Time-Based Blind SQL Injection: “Hack the Clock” ⌘ Read more
Wazuh Installation & Configuration: A Step-by-Step Tutorial
Hello, my digital adventurers! In this article, I will provide you with a step-by-step guide for installing and configuring the Wazuh…
[Continue reading on InfoSec Write-ups » … ⌘ Read more
**CORSplay of the Century: How I Hijacked APIs with One Misconfigured Header **
Free Link🎈
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/corsplay-of-the-century-how-i-hijacked-apis- … ⌘ Read more
**Bypassing Like a Pro: How I Fooled the WAF and Made It Pay **
Hi there!
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/bypassing-like-a-pro-how-i-fooled-the-waf-and-made-it-pay-e433193e1d9d?source=rss—-7b722bf … ⌘ Read more
WAF Bypass Masterclass: Using SQLMap with Proxychains and Tamper Scripts Against Cloudflare &…
A hands-on guide to understanding and testing WAF evasion techniques usin … ⌘ Read more
Burp Suite Beyond Basics: Hidden Features That Save Time and Find More Bugs
📌Free Article Link
[Continue reading on InfoSec Write-ups »](https://infosecwriteups.com/burp-suite-beyond-basics-hidden-f … ⌘ Read more
Obfuscation Isn’t a Fix, And It Cost Them $2,500 — A Real-World Case Study ⌘ Read more
ResolverRAT: A Sophisticated Threat Targeting Healthcare and Pharma
he healthcare and pharmaceutical sectors are prime targets for cybercriminals due to their sensitive data and critical infrastructure. In…
[Continue read … ⌘ Read more
** CVSS 10.0 Critical Vulnerability in Erlang/OTP’s SSH: Unauthenticated Remote Code Execution Risk**
A critical security vulnerability (CVE-2025–32433) with a CVSS … ⌘ Read more
Automating GraphQL Bug Bounty Hunting with GrapeQL ⌘ Read more
️♂️ “I Didn’t Plan to Find a P1… But My Script Had Other Plans ” ⌘ Read more
Top 20 Linux Commands Every Pentester Should Know ⌘ Read more
Secret tricks to get hidden information in Bug Bounty
This article gives you a best and hidden tricks to find secret or hidden information from GitHub. we can call hidden approach on GitHub.
[Continue reading on InfoSec Write-ups »](https:/ … ⌘ Read more