P€nt€stM@nk€y

Local File Inclusion (LFI) Due to Untrusted User Input From analysing a WordPress plugin and exploiting it to get the flag.

Local File Inclusion (LFI) vulnerability due to unvalidated user input. This analysis is based on a Patchstack CTF exercise concerning a WordPress instance.

medium.com/@kr.sulabhja...

#ctf #cybersecutity #wordpress

Chaining Unauthorized User Registration, Broken Access Control, and Insecure CSRF Token Exposure to… From analysing a WordPress plugin and exploiting it to get the flag.

Let's explore the chaining of Unauthorized User Registration, Broken Access Control, and Insecure CSRF Token Exposure vulnerabilities within WordPress, leveraging the Semgrep tool for vulnerability discovery.

Here is my write-up on the same:
medium.com/@kr.sulabhja...

#cybersecurity #wordpress

Patchstack Alliance CTF S02E02 — Road to WordCamp Europe From analysing a WordPress plugin and exploiting it to get the flag.

Here is my writeup on how a classic JWT confusion vulnerability lead to vertical privilege escalation. This is caused due to improper token handling ....

medium.com/@kr.sulabhja...

#CTF #WordPressSecurity #SAST #JWT #Infosec #PrivilegeEscalation #AppSec #cybersecurity

Patchstack Alliance CTF S02E02 — Road to WordCamp Europe From analyzing a WordPress plugin and exploiting it to get the flag

Here is my first CTF write-up on wordpress pentesting.

medium.com/@kr.sulabhja...

#cybersecurity #pentesting #SAST #wordpress

🚨 Security Alert: P1 Vulnerability Identified 🚨

Discovered a critical (P1) vulnerability in a DS Group asset. Kudos to their security team for the swift response!​

#CyberSecurity #Infosec #Hacking #EthicalHacking #BugBounty #InformationSecurity #Security #Tech