MOVIES AND TV SERIES ABOUT HACKING
Today I’m sharing a list of movies and TV series to help you pass the time while you give your brain a break from studying. Don’t watch these movies or series expecting a hacking course; they’re purely for entertainment. And to clarify, this list isn’t in any particular order; it’s simply numbered. Movies: 1. Algorithm (2014) An independent computer hacker discovers a mysterious government computer program. He breaks into the program and sparks a revolution.
Read moreTIPS FOR FINDING XSS VULNERABILITIES
It’s been two years since I last posted on this blog, and I’m reactivating it to share some knowledge that might be useful. I won’t go into detail about Cross-Site Scripting (XSS) or payloads; instead, I’ll show you how I’ve expanded my XSS search area.
Read moreSAYCHEESE: CAPTURE PHOTOS REMOTELY FROM A DEVICE
What is SayCheese? SayCheese is a tool that remotely captures photos from a device, whether mobile devices or computers, achieving this through a link generated with ngrok and sent to the victim. How it works? The tool uses Ngrok via the Port-Forwarding method to generate the malicious link, which is then sent to the victim. Once the victim opens the link in their browser, they will be asked for permission to use the camera. This is done using the function MediaDevices.getUserMedia() embedded in the JavaScript code of the index.php file.
Read moreSSRF: READING LOCAL FILES FROM THE DOWNNOTIFIER SERVER
Some time ago I wrote a write-up about how I was able to read local files from a web service called Downnotifier by exploiting a vulnerability called Server-Side Request Forgery. The write-up was originally written in English on the Openbugbounty platform, but I am now publishing it here.
Read more