Writeups

Category: red-teaming

JWT Authentication Bypass | Bug Bounty

Sajjad Khan October 11, 2022 1 Comment

What are JWTs? JSON web tokens (JWTs) are a standardized format for sending cryptographically signed JSON data between systems. Theoretically, they can contain any kind

Subdomain takeover of Tokopedia’s | The Infosec Blogs

Sajjad Khan October 6, 2022 No Comments

Tl;dr : a subdomain of tokopedia’s website is pointed to an expired Top-Level-Domain available to buy, so obviously I go ahead and buy it. Assalamualaikum

Bypass Windows Defender in Windows 11

Sajjad Khan January 18, 2022 No Comments

System information about Windows Defender. Using reflection in PowerShell to invoke Win32 API calls from remote PowerShell file invoked by Elixir’s interactive shell. Insert shellcode

Writeups

Category: red-teaming

JWT Authentication Bypass | Bug Bounty

Subdomain takeover of Tokopedia’s | The Infosec Blogs

Bypass Windows Defender in Windows 11

Most Recent

How to Find Security Vulnerabilities in Cloud Computing

How to bypass 2FA with a HTTP header

HTTP Request Smuggling on business.apple.com and Others.

Most Popular

Tryackme Overpass 3 Walkthrough

Tryhackme Overpass Walkthrough

Tryhackme Overpass 2 Walkthrough

Random Writeups