✨I'm thrilled to share that I’ve achieved my first Hall of Fame🥇in the Honeywell program!🏆.It’s been an amazing journey of learning, growth, and collaboration,and I’m proud to have contributed to the success of this program🔐.#Honeywell #Cybersecurity #EthicalHacking #InfoSec

RT @pdnuclei: Scan for CVE-2024-47176 (CUPS - Remote Code Execution) with Nuclei. Vulnerability discovery and analysis by @evilsocket: http….

RT @TecnoSRC: ✍️Let's learn about Insecure Direct Object Reference (IDOR) vulnerabilities, including common types, security risks, and prev….

$$Bounty💲💷💰.✨Just snagged my first bug bounty! 🐞after a series of challenges and reports.🎉So excited to share this win with you all! 💫.#BugBounty #EthicalHacking #CyberSecurity #Vulnerability #PenTesting #VAPT #Cyberthreat #Bughunting #Websecurity #Infosec #BugBountyHunter

✍️#100DayChallenge🏅Day21.Terrapin attack against the SSH protocol and can allow the attacker to use downgraded secure signature algorithms and shut off certain security measures against keystroke timing attacks in OpenSSH.🔐#WebSecurity #Finstein #bugbountytip #infosecurity

✍️#100DayChallenge🏅Day20.Cross-origin resource is a mechanism for integrating applications.CORS defines a way for client web applications are loaded in one domain to interact with resources in a different domain🔐#WebSecurity #Finstein #CyberSecurity #bugbountytip #infosecurity

✍️#100DayChallenge🏅Day19.security misconfigurations include insecure default configurations, incomplete ad-hoc configurations, open cloud storage, misconfigured HTTP headers Cross-Origin resource sharing (CORS).🔐#WebSecurity #Finstein #CyberSecurity #bugbountytip #infosecurity

✍️#100DayChallenge🏅Day18.improper input validation can enable various security threats, such as injection attacks, cross-site scripting (XSS), and denial-of-service (DoS) attacks, compromising the integrity. 🔐#WebSecurity #Finstein #CyberSecurity #bugbountytips #infosecurity

✍️#100DayChallenge🏅Day17.XML Injection is an injection attack technique used to manipulate or compromise the logic of an XML application or document. It occurs when user-supplied input is not properly escaped. 🔐#WebSecurity #Finstein #CyberSecurity #bugbountytips #infosecurity

✍️#100DayChallenge🏅Day 16.WAF Bypass-SQL Injection is a technique used by attackers to circumvent Web Application Firewalls and execute malicious SQL queries. 🔗Link: 🔐#WebSecurity #Finstein #CyberSecurity #bugbountytips #OWSAP #infosecurity

✍️#100DayChallenge🏅Day15.Improper error handling occurs which produces undesirable responses to the user and opens the room for exploits being made to capitalize on these vulnerabilities. 🔐#WebSecurity #Finstein #CyberSecurity #bugbountytips #OWSAP #infosecurity

✍️#100DayChallenge🏅Day14.Host Header Injection is an attack that exploits the way web servers and applications handle the Host header in HTTP requests. 🔗Link:🔐#WebSecurity #Finstein #CyberSecurity #bugbountytips #OWSAP #infosecurity

✍️#100DayChallenge🏅Day13.Serialization is a mechanism of converting the state of an object into a byte stream. Deserialization is the reverse process where the byte stream is used to recreate the actual Java object in memory.🔐#WebSecurity #Finstein #CyberSecurity #infosecurit

✍️#100DayChallenge🏅Day12.Insecure deserialization which untrusted data is used to inflict a denial-of-service attack,execute code,bypass authentication or otherwise abuse the logic behind an application. 🔐#WebSecurity #Finstein #CyberSecurity #bugbountytips #OWSAP #infosecurity

✍️#100DayChallenge🏅Day11.DOM Based XSS is an XSS attack wherein the attack payload is executed as a result of modifying the DOM “environment” in the victim browser used by the original client side script.🔐#WebSecurity #Finstein #CyberSecurity #bugbountytips #OWSAP #infosecurity

✍️#100DayChallenge🏅Day10.Reflected XSS attacks, when a malicious script is reflected off of a web application to the victim’s browser. which sends a request to a website with a vulnerability malicious scripts.🔐#WebSecurity #Finstein #CyberSecurity #bugbountytips #infosecurity

✍️#100DayChallenge🏅Day9.Stored attacks are those where the injected script is permanently stored on the target servers, such as in a database, in a message forum, visitor log, comment field, etc.🔐#WebSecurity #Finstein #CyberSecurity #bugbountytips #OWSAP #infosecurity

✍️#100DayChallenge🏅Day8.Types of XSS: Stored XSS, Reflected XSS and DOM-based XSS. Cross-site Scripting attacks(XSS)can be used by attackers to undermine application security in many ways. 🔐#WebSecurity #Finstein #CyberSecurity #bugbountytips #OWSAP #infosecurity

✍️#100DayChallenge🏅Day7.Cross-site scripting (XSS) is an attack in which an attacker injects malicious executable scripts into the code of a trusted application or website.🔐🪢 Link: ✨#WebSecurity #Finstein #CyberSecurity #bugbountytips #OWSAP #Security

✍️#100DayChallenge🏅Day6.security misconfiguration occurs when system or application configuration settings are missing or are erroneously implemented,allowing unauthorized access. Link:#WebSecurity #Finstein #CyberSecurity #bugbountytips #OWSAP #Security