Skip to content

AppSec, Network Security, Penetration Testing, Bug Bounties, Coding and more..

Menu
  • Home
  • OWASP TOP 10
    • OWASP TOP 10
    • OWASP API TOP 10
    • OWASP MOBILE TOP 10
    • SANS TOP 25
  • PENTESTING
    • WEB SECURITY
    • Web App Pentest
    • API Pentest
    • Android Pentesting
    • 0day
    • Windows Pentesting
    • Linux Pentesting
    • Active Directory Pentest
    • Linux Priv-Escalation
    • Windows Priv-Escalation
  • Coding
    • GoLang
    • Python
    • PowerShell
    • Bash Scripting
    • Batch Scripting
    • Java
  • Network Study
    • Networking Basics
    • TCP-IP/OSI Model
    • Essential Protocols
  • CTF
    • Vuln-Hub
  • Certification
    • CEH
    • OSCP
  • My Tools
  • Portfolio

Tag: CTF

Posted onJanuary 13, 2022January 13, 2022CEH, OWASP TOP 10, PENTESTING, WEB SECURITY

Out-Of-Band SQL Injection Explained | SQL injection Series | Web Security

by AdminLeave a comment on Out-Of-Band SQL Injection Explained | SQL injection Series | Web Security

Introduction Out-of-band Injection occurs when an attacker is unable to use the same channel like in-band injection attacks to launch the attack and gather results.…

Read More
Posted onDecember 30, 2021December 30, 2021CEH, OWASP TOP 10, PENTESTING, WEB SECURITY

Time Based SQL Injection Explained | SQL Injection Series | Web Security

by AdminLeave a comment on Time Based SQL Injection Explained | SQL Injection Series | Web Security

Introduction As we know that if web application does not return any visible error when the SQL query fails, then we use Boolean based SQL…

Read More
Posted onDecember 30, 2021December 30, 2021CEH, OWASP TOP 10, PENTESTING, WEB SECURITY

Boolean Based SQL Injection Explained | SQL Injection Series | Web Security

by AdminLeave a comment on Boolean Based SQL Injection Explained | SQL Injection Series | Web Security

Introduction Sometimes there is no visible error message on the page when an SQL query fails, making it difficult for an attacker to get information…

Read More
Posted onDecember 30, 2021December 30, 2021CEH, OWASP TOP 10, PENTESTING, WEB SECURITY

Blind SQL Injection Explained | SQL Injection Series | Web Security

by AdminLeave a comment on Blind SQL Injection Explained | SQL Injection Series | Web Security

Introduction Blind SQL (Structured Query Language) injection is a type of SQL Injection where the attacker asks the database true or false questions and determines…

Read More
Posted onDecember 30, 2021December 30, 2021CEH, OWASP TOP 10, PENTESTING, WEB SECURITY

Union Based SQL Injection Explained | SQL Injection Series | Web Security

by AdminLeave a comment on Union Based SQL Injection Explained | SQL Injection Series | Web Security

Introduction Union-based SQLi is an in-band SQL injection technique that leverages the UNION SQL operator to combine the results of two or more SELECT statements…

Read More
Posted onDecember 29, 2021December 29, 2021CEH, OWASP TOP 10, PENTESTING, WEB SECURITY

Error Based SQL Injection Explained | SQL Injection Series | Web Security

by AdminLeave a comment on Error Based SQL Injection Explained | SQL Injection Series | Web Security

Introduction Error based SQL injection is a technique of exploiting database servers, that relies on error messages thrown by the database server to obtain information…

Read More
Posted onDecember 5, 2021December 5, 2021CAPTURE THE FLAG

VulnHub Writeup : FristiLeaks 1.3

by AdminLeave a comment on VulnHub Writeup : FristiLeaks 1.3

Box Stats : Box Information Details Box Name FristiLeaks 1.3 Series FristiLeaks Release Date 14 Dec 2015 Author Ar0xA Difficulty Basic Download Link Link Nmap…

Read More
Posted onOctober 27, 2021October 27, 2021WEB SECURITY

Remote File Inclusion Attacks on Web-Application | RFI Attacks

by AdminLeave a comment on Remote File Inclusion Attacks on Web-Application | RFI Attacks

RFI stands for Remote File Inclusion, this vulnerability allows an attacker to dynamically include files/scripts from remote/external sources into the web server. This vulnerability occurs…

Read More
Posted onOctober 27, 2021October 27, 2021TOOLS, WEB SECURITY

fimap : tool for exploiting Remote/Local File Inclusion vulnerability | LFI Attacks

by AdminLeave a comment on fimap : tool for exploiting Remote/Local File Inclusion vulnerability | LFI Attacks

fimap is an LFI/RFI detection and exploitation tool written in python which can find, prepare, audit, exploit and even google automatically for local and remote…

Read More
Posted onOctober 27, 2021October 27, 2021CAPTURE THE FLAG

VulnHub Writeup : Kioptrix Levle 1.4 (#5)

by AdminLeave a comment on VulnHub Writeup : Kioptrix Levle 1.4 (#5)

Box Stats : Box Information Details Box Name Kioptrix Level 1.4 Series Kioptrix Release Date 6 Apr 2014 Author Kioptrix Difficulty Easy Download Link Link…

Read More

Posts navigation

Page 1 Page 2 Next Page

About Me

Hi, My name is Ajay Kumar Tekam, I am a Cyber Security Enthusiast and currently looking for opportunity to work in cyber security positions. The area of my interests are Web Pentesting, Mobile Application Pentesting and Network Pentesting. Currently i do bog hunting at bugcrowd.com as a freelancer. In my free time i write security automation tools in python, GoLang and Bash. You can find my portfolio, CV and more about me at ajaytekam.github.io

Recent Posts

  • ANDROID PENTESTING SERIES PART 2 : Overview of Android Components
  • ANDROID PENTESTING SERIES PART 3 : Overview of Android Security
  • ANDROID PENTESTING SERIES PART 9 : SSL Pinning Bypass with Frida Server
  • ANDROID PENTESTING SERIES PART 6 : Setting up Android Pentest Lab
  • ANDROID PENTESTING SERIES PART 8 : SSL Pinning Bypass with Xposed Installer

Categories

  • 0day
  • Android Pentesting
  • API Pentest
  • CAPTURE THE FLAG
  • CEH
  • EXPLOIT
  • GENERAL IT
  • LINUX SYS ADMIN
  • OWASP API TOP 10
  • OWASP TOP 10
  • PENTESTING
  • PROGRAMMING AND SCRIPTING
  • SYSTEM SECURITY
  • TOOLS
  • WEB SECURITY

Archives

  • January 2022
  • December 2021
  • November 2021
  • October 2021
  • September 2021
  • August 2021
Amphibious Theme by TemplatePocket ⋅ Powered by WordPress