efranMonolithic, Microservice Architectures and Security of JWT TokensBefore testing a system, we need to understand what it is and why it exists. So, let’s start by explaining what a JWT (JSON Web Token) is…4 min read·Nov 11, 2023----
efranHack The Box Academy Privilege EscalationTASK1: SSH into the server above with the provided credentials, and use the ‘-p xxxxxx’ to specify the port shown above. Once you login…2 min read·Oct 6, 2023--1--1
efranXSS — DOM XSS in jQuery selector sink using a hashchange eventI started to solving XSS Labs on the PortSwigger. The previous XSS labs were straightforward, but in this example, I needed one more step…3 min read·Aug 7, 2023----
efranXSS — Reflected XSS into a JavaScript string with angle brackets HTML encodedThe solution of the lab was hidden in the source code, and since solving it resembled a bit of puzzle solving, I think it was a very…1 min read·Aug 4, 2023----
efranXXE — Exploiting XXE to retrieve data by repurposing a local DTDAfter learning the techniques for exploiting XXE vulnerability, it is time to explore exploiting XXE with a local DTD. This technique…3 min read·Jul 28, 2023----
efranHost Header Manipulations — Password reset poisoning via dangling markupI tried several methods but I will cover the solution and the logic of the beyond. The things is happening on the raw part of the mail…2 min read·Jul 9, 2023----
efranHost Header Attacks — Web Cache Poisoning via Ambigious RequestsIn this example of the portswigger, the lab’s name provices a hint: We will be using caching mechanism and host header attacks.2 min read·Jul 8, 2023----
efranBluetooth-Low-Energy(BLE) CTFHello! Lately, I’ve become interested in hardware security, and Bluetooth has always fascinated me. In this blog, I won’t explain what BLE…5 min read·May 17, 2021----
efranServiceNow admin credentials exposed.After I read the blog post on PostSwigger which is about ServiceNow admin credentials exposed, I began to think about whether all the…2 min read·Mar 15, 2021----
efranSSRF with filter bypass via open redirection vulnerabilityExplanation of the lab : This lab has a stock check feature which fetches data from an internal system. To solve the lab, change the stock…3 min read·Jan 11, 2021--1--1