The complexity of modern applications has increased exponentially in the past decade. Unfortunately, this has also increased the attack surface and hence the total number of vulnerabilities found in such applications. One such type is business logic vulnerabilities.
So what is a business logic vulnerability?
Mubashir
If you are a developer, you already know that it’s nearly impossible to keep every resource in one place. It’s expensive (because everything has to be managed by one party) and it gets quite messy. So you may be thinking that developers can potentially use two different domains to
You might be familiar with the annoying OTPs or other authentication tokens delivered right after you log into your favorite site. This article will help you understand the purpose of 2FA and its exploitation. I have also drafted some of the 2FA bypasses you can use these techniques to
File sharing or simple file upload functionality is a widely used feature in web apps nowadays. Any misconfiguration in this one feature can put the entire application or even the organization at great risk. In this article I will talk about this vulnerability, how to attack it and
Authentication issues are easy to understand; however, they can sometimes prove to be the most critical ones because authentication is the core of security in any application. In the forthcoming sections, we will briefly discuss authentication and how various authentication mechanisms can be exploited.
What is authentication?
Familiar