Recent

XSS as a Password Stealer : A very overlooked XSS attack vector ↗ ↖
Hi everyone, it’s been a while since my last article in 2022: A Deep dive into src=”” attribute leading to a Stored XSS . I have been busy, very. well, this time I come to you with an article after what? 4 years? not to…

A Deep dive into src=”” attribute leading to a Stored XSS ↗ ↖
السلام عليكم ورحمة الله وبركاته Hi Everyone, it has been a while since I published my last article about AWS Take Over and I am coming with a new article about a deep dive into HTML elements and their attributes. Althou…

From .git directory to AWS EC2 network takeover ↗ ↖
From .git directory to AWS EC2 network takeover Last week I was performing a penetration test. I was performing the test according to my own methodology and an interesting .git directory was publicly accessible. This .g…
