Posts

Taking Google Dorks to Next Level

Hello All, in this post I will give you an overview of reconnaissance. DorkRecon is a tool that uses advanced search operators (open source tools + Google Dorks) to find juicy information about target websites. The most important step during web application pentesting is reconnaissance: this phase is where an attacker gains insight into and knowledge of the target organization. With the help of this tool, one can use various dorks without remembering all the syntax. The tool performs a fully passive scan. DorkRecon is written purely in Python 3 and utilizes various open source tools and dorks. It comes with two interfaces: a CLI, with an option to save the results as HTML files (screenshot: DorkRecon CLI), and a Web UI (screenshots: Dorks: 1, Dorks: 2, Web UI). This tool is at an initial stage of development. The default supported browser is Firefox, which can be changed to any other by editing the source code. Featu

API Information Disclosure

Hello All, in this post I will give you an overview of how to exploit a Broken Object Level Authorization vulnerability. Definition: attackers substitute the ID of their own resource in the API call with the ID of a resource belonging to another user. The lack of proper authorization checks allows attackers to access the specified resource. This attack is also known as IDOR (Insecure Direct Object Reference). Put another way: APIs tend to expose endpoints that handle object identifiers, creating a wide attack surface of object level access control issues. Object level authorization checks should be considered in every function that accesses a data source using input from the user. Let's say our vulnerable website is target[.]com. Steps I took to take over all the accounts on the test platform: since I was already a registered user on the target website, I did a functionality check of the reset password feature. Reset Password Function: I added my email id and user id and int

My OSCP Journey - A Review

Pre-preparation: Hello All, in this post I will give you an overview of my OSCP journey. In order to gain some hands-on experience before enrolling, I started practicing on the HackTheBox platform. Having done around 50 boxes, I finally felt ready to enroll in PEN-200. I would suggest trying to complete each and every box from the list mentioned below before enrolling, as your pre-preparation work. OSCP-like boxes: TJnull's Preparation Guide for PWK/OSCP. I enrolled for OSCP and completed all the PWK exercises and labs within 45 days. After completing all the coursework, I started preparing my notes in a structured and organized way. My advice here is to make your own notes, as they will really help you in your OSCP exam; you'll thank yourself later! What is important in doing all this is "BUILDING YOUR METHODOLOGY." Build Your Own Methodology: if you have the time, I would strongly recommend completing TJ_Null's list of HackTheBox

Introduction to IDOR

Hello All, in this post I will give you an overview of how to exploit an IDOR vulnerability. What is IDOR? IDOR (Insecure Direct Object References): improper validation of the user ID on the server side leads to a change of content. Or: object references are used without any validation mechanism, which allows attackers to manipulate these references to access unauthorized data. Or: a user can successfully request access to a web page, a data object, or a file that they should not have access to. IDOR attack scenario. Case 1: deleting another user's content. Victim: 1) The victim posts something on the website which has a unique ID, e.g. 19. Attacker: 1) The attacker creates a post which has a unique ID of 22. 2) He tries to delete his own post while intercepting the delete request. 3) In the request, he changes the ID from 22 to 19, which results in deletion of the victim's post. Case 2: changing another user's profile picture. Attacker: 1) Intercept the upload image request and find the attacker's unique user ID. 2) Change the attacker's ID to the victim's ID. 3)