Well, hello guys. I am back after a long time. Today I am here to share a little about the Volatility tool, which includes recovering clipboard content and plaintext passwords from the memory dump of any system.

So, let’s get started with how to take the memory dump…


Holaaaaa hackers !! Hope you all are doing well. Welcome back again … 👋

What is this vulnerability? 🤔

Server-side request forgery (also known as SSRF) is a web security vulnerability that allows an attacker to induce the server-side application to make HTTP requests to an arbitrary domain of the attacker’s choosing.

In a typical SSRF attack, the attacker might cause the server to make a connection to internal-only…


Hello guys, I am back again with an interesting blog. Have a look!! 😍

~# Table of Contents:

🔹 What is SQLI

🔹 Tools I used

🔹 The bug I got

~# Now, what are SQL Injections or Structured Query Language Injections 💉? 🤔

So basically, there is a SQL query (a request for data or information from a database table or combination of tables)…


Let’s dig in together…

Hello guys, here I am back again with a report on reflected XSS, which was again a very easy bug to find but interesting. Took me a min to find the bug… 😁

So, my last report was on open redirection via Google sign-in (https://infosecwriteups.com/open-redirect-in-target-via-google-sign-in-d42b3cb633d). I…


Today we are going to solve another boot2root challenge called “Sunset: Midnight”. It’s available at VulnHub for penetration testing. Here I, Shreya Talukdar, am presenting the Sunset: Midnight CTF walkthrough. Let’s get started and learn how to successfully break it down.

🐞 Penetration Testing Methodology

Reconnaissance

▪️ Nmap

Enumeration

▪️ Hydra brute force MySQL service

Exploiting

▪️ WordPress…


A two-minute read 📖

So, let’s first focus on what an open redirection vulnerability is.

WHAT IS THIS VULNERABILITY? 🤔

An open redirection vulnerability arises when an application or piece of software allows remote users/attackers to redirect the application to arbitrary malicious websites by manipulating the URL parameter in the original ones, thereby permitting phishing attacks…

Shreya Talukdar

Security researcher | Digital Forensics and Incident Responder | Blogger | Speaker | Learner
