Mass Cracking Cybrary Accounts

Mass Cracking Cybrary Accounts

TL;DR Cybrary leaks usernames from multiple endpoints, has no restrictions on password strength, has xml-rpc enabled which makes it a good target for password spray attacks.

Read more
21 things you can do with XSS

21 things you can do with XSS

Simply put, XSS is an underrated vulnerability. Well, there are a couple of good reasons:

  • It’s a client side vulnerability
  • White hats just need that popup for POC (most of the times)
  • Most of the blacks hats don’t know enough JS to make money out of XSS
Read more
CORS, SOP & crossdomain.xml For Dummies

CORS, SOP & crossdomain.xml For Dummies

Things were really simple when webpages were static. Write some text, add images, add links and serve it to your users.
Then JavaScript came into existence and it made webpages dynamic.

Read more
Learn SQL for SQL Injection in 10 minutes

Learn SQL for SQL Injection in 10 minutes

Hi there! This article is focused on whats important and I hope you have read my introductory article about SQL and SQL injection . So lets go!

As we know, data is stored in databases . A server can have many databases. Databases contain tables and tables contain data in the form of rows and columns .

Read more
How I became a hacker and more...

How I became a hacker and more...

I don’t want to make it any longer by adding some introductory part so lets get straight to the point. Okay wait, I just want to tell you something, I am a noob. Let’s go now!

Read more