⤷ Title: Finding a $600 Remote Code Execution (RCE) on an E-Commerce Platform
════════════════════════
𐀪 Author: Cybervolt
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 13:10:39 GMT
════════════════════════
⌗ Tags: #cybersecurity #devsecops #bug_bounty_writeup #ethical_hacking #penetration_testing
════════════════════════
𐀪 Author: Cybervolt
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 13:10:39 GMT
════════════════════════
⌗ Tags: #cybersecurity #devsecops #bug_bounty_writeup #ethical_hacking #penetration_testing
Medium
Finding a $600 Remote Code Execution (RCE) on an E-Commerce Platform
During a recent authorized security assessment of a mid-sized e-commerce platform, I identified a Remote Code Execution (RCE) vulnerability…
⤷ Title: Lab: Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and…
════════════════════════
𐀪 Author: KRY
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 12:10:48 GMT
════════════════════════
⌗ Tags: #penetration_testing #portswigger #xx #cybersecurity #cyberkry
════════════════════════
𐀪 Author: KRY
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 12:10:48 GMT
════════════════════════
⌗ Tags: #penetration_testing #portswigger #xx #cybersecurity #cyberkry
Medium
Lab: Reflected XSS into a JavaScript string with angle brackets and double quotes HTML-encoded and single quotes escaped
Denoscription
⤷ Title: Lab: Reflected XSS into a JavaScript string with single quote and backslash escaped
════════════════════════
𐀪 Author: KRY
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 12:07:57 GMT
════════════════════════
⌗ Tags: #portswigger #penetration_testing #xx #cybersecurity #cyberkry
════════════════════════
𐀪 Author: KRY
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 12:07:57 GMT
════════════════════════
⌗ Tags: #portswigger #penetration_testing #xx #cybersecurity #cyberkry
Medium
Lab: Reflected XSS into a JavaScript string with single quote and backslash escaped
Denoscription
⤷ Title: How JS Analysis Led to PII Disclosure
════════════════════════
𐀪 Author: Rahul Singh Chauhan
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 11:59:27 GMT
════════════════════════
⌗ Tags: #javanoscript_tips #bug_bounty_writeup #cybersecurity #information_disclosure #penetration_testing
════════════════════════
𐀪 Author: Rahul Singh Chauhan
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 11:59:27 GMT
════════════════════════
⌗ Tags: #javanoscript_tips #bug_bounty_writeup #cybersecurity #information_disclosure #penetration_testing
Medium
How JS Analysis Led to PII Disclosure
JavaScript analysis leads to personal information disclosure for a bank.
⤷ Title: SOUPEDECODE 01 THM WRITEUP
════════════════════════
𐀪 Author: Gardash Aliyev
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 12:47:16 GMT
════════════════════════
⌗ Tags: #ctf_writeup #soupedecode_ctf #tryhackme #ctf_walkthrough #ctf
════════════════════════
𐀪 Author: Gardash Aliyev
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 12:47:16 GMT
════════════════════════
⌗ Tags: #ctf_writeup #soupedecode_ctf #tryhackme #ctf_walkthrough #ctf
Medium
SOUPEDECODE 01 THM WRITEUP
Hi Everyone, qarGI again. Today’s CTF is Soupedecode 01 Windows server. Let’s explore together…
⤷ Title: Walkthrough: Linux CLI - Shells Bells — TryHackMe
════════════════════════
𐀪 Author: Muhammad Usman
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 12:34:09 GMT
════════════════════════
⌗ Tags: #tryhackme #advent_of_cyber_2025 #walkthrough #linux_cli_shells_bells
════════════════════════
𐀪 Author: Muhammad Usman
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 12:34:09 GMT
════════════════════════
⌗ Tags: #tryhackme #advent_of_cyber_2025 #walkthrough #linux_cli_shells_bells
Medium
Walkthrough: Linux CLI - Shells Bells — TryHackMe
Scenerio
The unthinkable has happened — McSkidy has been kidnapped. Without her, Wareville’s defenses are faltering, and Christmas itself…
The unthinkable has happened — McSkidy has been kidnapped. Without her, Wareville’s defenses are faltering, and Christmas itself…
⤷ Title: Writeup Appointment — Hack The Box
════════════════════════
𐀪 Author: RavenBreach
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 13:22:23 GMT
════════════════════════
⌗ Tags: #hackthebox #cybersecurity #sql_injection #sql #php
════════════════════════
𐀪 Author: RavenBreach
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 13:22:23 GMT
════════════════════════
⌗ Tags: #hackthebox #cybersecurity #sql_injection #sql #php
Medium
Writeup Appointment — Hack The Box
Un commentaire ou une illusion ?
⤷ Title: Bypassing Authentication Schema as an Expert
════════════════════════
𐀪 Author: Marwan Alsaifi
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 14:50:33 GMT
════════════════════════
⌗ Tags: #owasp_top_10 #application_security #ethical_hacking #penetration_testing #cybersecurity
════════════════════════
𐀪 Author: Marwan Alsaifi
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 14:50:33 GMT
════════════════════════
⌗ Tags: #owasp_top_10 #application_security #ethical_hacking #penetration_testing #cybersecurity
Medium
Bypassing Authentication Schema as an Expert
When I test a web application as a penetration tester, authentication is always a critical target. If authentication can be bypassed…
⤷ Title: Detecting ARP Poisoning Attacks: A Comprehensive Guide
════════════════════════
𐀪 Author: Vignesh R
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 14:31:59 GMT
════════════════════════
⌗ Tags: #hacking #man_in_the_middle_attack #arp_protocol #arp_spoofing #arp_poisoning
════════════════════════
𐀪 Author: Vignesh R
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 14:31:59 GMT
════════════════════════
⌗ Tags: #hacking #man_in_the_middle_attack #arp_protocol #arp_spoofing #arp_poisoning
Medium
Detecting ARP Poisoning Attacks: A Comprehensive Guide
ARP spoofing & Man In The Middle Attacks Execution & Detection
⤷ Title: Using a Golang Shellcode Loader with Sliver C2 for Evasion
════════════════════════
𐀪 Author: lainkusanagi
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 15:47:12 GMT
════════════════════════
⌗ Tags: #penetration_testing #antivirus_evasion #red_teaming
════════════════════════
𐀪 Author: lainkusanagi
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 15:47:12 GMT
════════════════════════
⌗ Tags: #penetration_testing #antivirus_evasion #red_teaming
Medium
Using a Golang Shellcode Loader with Sliver C2 for Evasion
Friend link if you aren’t a member
⤷ Title: TryHackMe Writeup: JPGChat
════════════════════════
𐀪 Author: Berkay AĞGÜL
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 15:08:15 GMT
════════════════════════
⌗ Tags: #cybersecurity #tryhackme_writeup #tryhackme #tryhackme_walkthrough #cybercrime
════════════════════════
𐀪 Author: Berkay AĞGÜL
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 15:08:15 GMT
════════════════════════
⌗ Tags: #cybersecurity #tryhackme_writeup #tryhackme #tryhackme_walkthrough #cybercrime
Medium
TryHackMe Writeup: JPGChat
Karşımızda “JPChat” adında bir servis var. Genellikle 80 veya 443 portlarında çalışan web sitelerine alışığız ama bu sefer durum farklı. Bu…
⤷ Title: Black IP : Network Intelligence Tool
════════════════════════
𐀪 Author: Abhirup Konwar
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 14:35:43 GMT
════════════════════════
⌗ Tags: #ethical_hacking #pentesting #bug_bounty_tips #red_team_tools #osint_tool
════════════════════════
𐀪 Author: Abhirup Konwar
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 14:35:43 GMT
════════════════════════
⌗ Tags: #ethical_hacking #pentesting #bug_bounty_tips #red_team_tools #osint_tool
Medium
Black IP : Network Intelligence Tool
Find all ASN + IPv4 + IPv6 address of your target
⤷ Title: Black Basta Ransomware Leader Added to EU Most Wanted and INTERPOL Red Notice
════════════════════════
𐀪 Author: Unknown
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 21:56:00 +0530
════════════════════════
⌗ Tags: No_Tags
════════════════════════
𐀪 Author: Unknown
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 21:56:00 +0530
════════════════════════
⌗ Tags: No_Tags
⤷ Title: How a Base64 Image API Turned a Trusted Cloud Bucket into an Attacker’s CDN
════════════════════════
𐀪 Author: Supun Halangoda (Suppa)
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 17:42:35 GMT
════════════════════════
⌗ Tags: #cloud_computing #bug_bounty #api #cybersecurity #developer
════════════════════════
𐀪 Author: Supun Halangoda (Suppa)
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 17:42:35 GMT
════════════════════════
⌗ Tags: #cloud_computing #bug_bounty #api #cybersecurity #developer
Medium
How a Base64 Image API Turned a Trusted Cloud Bucket into an Attacker’s CDN
Hello Everyone !…. It’s been quite a while since I last published a write-up here…. life, work, and a lot of startup work happened in…
⤷ Title: Master API Security: I Built a Vulnerable Lab for Beginners (VulnShop)
════════════════════════
𐀪 Author: Sreejihkn
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 16:54:12 GMT
════════════════════════
⌗ Tags: #bug_bounty #api_penetration_testing #api #web_penetration_testing #cybersecurity
════════════════════════
𐀪 Author: Sreejihkn
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 16:54:12 GMT
════════════════════════
⌗ Tags: #bug_bounty #api_penetration_testing #api #web_penetration_testing #cybersecurity
Medium
Master API Security: I Built a Vulnerable Lab for Beginners (VulnShop) 🚀
By Sr33jihseC
⤷ Title: Exploiting SSRF in OopsSec Store to Access Internal Pages
════════════════════════
𐀪 Author: OopsSec Store
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 17:52:32 GMT
════════════════════════
⌗ Tags: #programming #hacking #cybersecurity #technology #web_development
════════════════════════
𐀪 Author: OopsSec Store
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 17:52:32 GMT
════════════════════════
⌗ Tags: #programming #hacking #cybersecurity #technology #web_development
Medium
Exploiting SSRF in OopsSec Store to Access Internal Pages
How a simple support form leaks internal data via SSRF
⤷ Title: Lab: SQL injection UNION attack, determining the number of columns returned by the query
════════════════════════
𐀪 Author: Songül Kızılay Özügürler
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 17:51:02 GMT
════════════════════════
⌗ Tags: #ctf #medium #portswigger #pentesting #hacking
════════════════════════
𐀪 Author: Songül Kızılay Özügürler
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 17:51:02 GMT
════════════════════════
⌗ Tags: #ctf #medium #portswigger #pentesting #hacking
Medium
Lab: SQL injection UNION attack, determining the number of columns returned by the query
Bu lab, ürün kategori filtresinde bir SQL injection zafiyeti içeriyor. Sorgu sonuçları sayfada göründüğü için, UNION kullanarak başka…
⤷ Title: [AD攻防] Kerberoasting 攻擊
════════════════════════
𐀪 Author: 陳禹璿
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 17:40:20 GMT
════════════════════════
⌗ Tags: #pentesting #hacking #kerberoasting #oscp #active_directory
════════════════════════
𐀪 Author: 陳禹璿
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 17:40:20 GMT
════════════════════════
⌗ Tags: #pentesting #hacking #kerberoasting #oscp #active_directory
Medium
[AD攻防] Kerberoasting 攻擊
Kerberoasting
⤷ Title: The Ghost in the Machine: How to Breach Any Online Python IDE
════════════════════════
𐀪 Author: SilentExploit
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 17:39:04 GMT
════════════════════════
⌗ Tags: #hackthebox #hacker #hacking #hacking_news #python
════════════════════════
𐀪 Author: SilentExploit
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 17:39:04 GMT
════════════════════════
⌗ Tags: #hackthebox #hacker #hacking #hacking_news #python
Medium
The Ghost in the Machine: How to Breach Any Online Python IDE
Discover how a single line of Python can shatter the illusion of isolation and turn a browser-based playground into a wide-open gateway.
⤷ Title: I Blocked Anime Websites Like a Pro (and My Sister is Not Happy )
════════════════════════
𐀪 Author: Swetha
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 16:11:56 GMT
════════════════════════
⌗ Tags: #hacking #ethical_hacking #hacker #network
════════════════════════
𐀪 Author: Swetha
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 16:11:56 GMT
════════════════════════
⌗ Tags: #hacking #ethical_hacking #hacker #network
Medium
I Blocked Anime Websites Like a Pro (and My Sister is Not Happy 😭)
So… I finally did it.
⤷ Title: CTF — Basic Pentesting
════════════════════════
𐀪 Author: Marduk I Am
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 16:47:09 GMT
════════════════════════
⌗ Tags: #ctf #penetration_testing #tryhackme #cybersecurity #ethical_hacking
════════════════════════
𐀪 Author: Marduk I Am
════════════════════════
ⴵ Time: Sat, 17 Jan 2026 16:47:09 GMT
════════════════════════
⌗ Tags: #ctf #penetration_testing #tryhackme #cybersecurity #ethical_hacking
Medium
Basic Pentesting (CTF Walkthrough)
A TryHackMe CTF