infosecwriteups.com
162.159.152.4  Public Scan

Submitted URL: http://infosecwriteups.com/
Effective URL: https://infosecwriteups.com/?gi=24e0246392e4
Submission: On July 20 via manual from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content




Awesome write-ups from the world’s best hackers in topics ranging from bug
bounties, CTFs, Hack The Box walkthroughs, hardware challenges, and real-life
encounters. Subscribe to our weekly newsletter for the coolest infosec updates:
https://weekly.infosecwriteups.com/


My First Grafana Admin Bug Bounty — with Google Dork — $xxx

Discover how I found a significant Grafana login bug using Google Dorks and
earned a bug bounty! Don’t underestimate minor vulnerabilities.
Proviesec
Jul 19
The Unexpected “0” Master ID for Account Data Manipulation

A simple story when Allah allowed me to successfully achieve P1 through a broken
access control issue using an unexpected master ID of “0”.
YoKo Kho
Jun 20
NahamCon CTF 2023 — OSINT Challenges Walkthrough

A detailed walkthrough of all four OSINT Challenges from NahamCon CTF 2023 | by
Yotam Perkal
Yotam Perkal
Jun 20
Mobile App Pentesting: AndroGOAT Assessment Walkthrough

Have you ever wondered about the vulnerabilities hidden beneath the surface of
your favorite mobile apps? I certainly did, which is why I…
Martian
Jul 4
Cool Recon techniques every hacker misses! 🔥🔥

Welcome to this article! This article is about some cool recon techniques every
hacker misses! Tighten your belts as we walk you through…
302 Found
Aug 22, 2022
InfoSec Write-ups
A collection of write-ups from the best hackers in the world on topics ranging
from bug bounties and CTFs to vulnhub machines, hardware challenges and real
life encounters. Subscribe to our weekly newsletter for the coolest infosec
updates: https://weekly.infosecwriteups.com/
Followers: 29K
Latest
Solving SQL Injection Fundamentals HTB CTF

Solving SQL Injection Fundamentals HTB
Ahmet Talha Şen
Jul 19
Solving the JavaScript Deobfuscation HTB CTF Challenge

Solving the JavaScript Deobfuscation HTB Challenge
Ahmet Talha Şen
Jul 19
Attacking Web Applications with Ffuf: Solving the CTF Challenge

In this article, we’ll examine how to use the flexible web application fuzzing
tool Ffuf to resolve a Capture the Flag (CTF) challenge.
Ahmet Talha Şen
Jul 19
Introduction to Web Applications HTB CTF

Introduction to Web Applications HTB
Ahmet Talha Şen
Jul 18
Hacking Google Bard!

I am Harish SG, a security researcher who studies Masters in Cybersecurity at UT
Dallas, previously hunted on the Microsoft Bug Bounty…
Harish SG
Jul 17
Solving the HTB Web Requests CTF Challenge

Solving the HTB Web Requests CTF Challenge — A Comprehensive Guide
Ahmet Talha Şen
Jul 17
Persistence Techniques (Beginner to Advanced) For Windows

Part-1
Ali AK
Jul 16
Flagging Flaws: Micro-CMS v1

Welcome to “Flagging Flaws: Hacker101 Micro-CMS v1,” where we gon find those
vulnerabilities within this machine. Join me as we navigate…
ScriptKitty
Jul 16
The Buffer Curse

A tale of unusual exploitation in Web Application
Felix Alexander
Jul 16
Mastering the Dance with Digital Recruitment Gatekeepers

How I Easily Import Resumes into Applicant Tracking Systems (ATS)
R. Eric Kiser
Jul 16
TryHackMe - Snapped Phish-ing Line

Apply learned skills to probe malicious emails and URLs, exposing a vast
phishing campaign
David Varghese
Jul 16
FalconEye: Splunk Threat Hunting

This article provides my approach for solving the FalconEye blue team CTF
challenge on the CyberDefenders website, a blue team-focused…
Hacktivities
Jul 16
Unlocking the Mind of a Bug Hunter: A Deep Dive into the Bug Bounty Ecosystem

Introducing the Bug Bounty Ecosystem
Security Lit Limited
Jul 15
How to Add or Create User in Ubuntu

Widely used and renowned for being user-friendly is — Ubuntu. It is used as an
operating system of choice by people, businesses, and …
Chinmay Sonawane
Jul 15
How FBI hackers or Forensics Team identify fake Images

Hello learners, I am back with my new and very interesting blog on how the FBI
or any other crime department identifies fake images. So you…
Rajneesh Kumar Arya
Jul 14
Using an AI to perform OSINT? Google BARD’s image recognition feature for
cybersecurity

We all know AI-enabled Chatbots are all the hype — and potentially the future
for consumers and Enterprises.
Andre Camillo
Jul 14
OWASP API Top 10 — API Security

TL;DR — The blog covers code samples that highlight common vulnerabilities
related to the OWASP API Top 10. This blog will cover each…
Dhanesh Dodia - HeyDanny
Jul 14
Deobfuscation for Beginners

A Tutorial About Dealing With an Obfuscated Code
Roei Kriger
Jul 14
Let’s Go For Whole Company

This time we are not going to talk about the effects of a vulnerability on
users. We want to talk about taking over an entire organization…
M7arm4n
Jul 13
Periculus—Leading Cyber Security Provider & Importance of Cybersecurity for
Small Businesses

In today’s business environment, secure access to systems and data is critical
and it also requires a reliable authentication process…
ZeusCybersec
Jul 12
Exploiting Incorrectly Configured Load Balancer with XSS to Steal Cookies

Introduction
Serj N
Jul 12
Enhancing Malware Detection: Endpoint Detection and Response Solutions with
Elastic SIEM

Introduction
Cybertech Maven
Jul 12
Reverse shell to your Amazon AWS EC2 instance as ‘root’ or ‘Administrator’ by
injecting user-data

Summary
Nol White Hat
Jul 12
MITRE Discovery — CMD Commands for Endpoint Reconnaissance — Part 1 (Net,
Tasklist, Route)

Learn how CMD commands Net, Tasklist and Route turn into LOLBAS executables when
doing endpoint/domain recon on an organization.
Jonathan David
Jul 11
Solving Kioptrix Level 1 Capture the Flag (CTF)

Kioptrix Level 1 CTF: Unlock Root Access and Strengthen Your Cybersecurity
Skills!
Ahmet Talha Şen
Jul 11