Abdelrhman Allam (sl4x0)
256 Followers

Pinned

How I use Notion with Bug Bounty and Pentesting Books

Introduction: Hello guys! 👋 In this article, I will explain how I use Notion effectively for taking notes, summarising and reviewing books for bug bounty, and other pentesting notes or books. So first of all we will use a Notion function called “Table” or “Database”, and it’s like what you imagine: columns…

Bug Bounty

5 min read


4 days ago

Research | How can Local File Inclusion lead to RCE?

Local File Inclusion (LFI) is a type of vulnerability commonly found in web applications. It allows an attacker to include a local file, usually through a script on the web server. This can lead to information disclosure and remote code execution (RCE). …

Lfi

10 min read


Jan 29

Research | Bypass CSRF Protection w/ XSS

About XSS In Brief: Web Application receives data from the client from GET function, then displays it. if(isset($_GET['text'])) { $var = $_GET['text']; print $var; } // This code checks if the 'text' variable is set for the GET request. …

Bug Bounty

6 min read


Jan 22

How I found XSS on Admin Page without login!

Introduction: بسم الله الرحمن الرحيم (In the name of Allah, the Most Gracious, the Most Merciful). Hello awesome hackers, this is my first write-up on a real target; I will explain how fuzzing helped me get an XSS on an admin page in just 1 minute! Approaching: I am doing bug bounty hunting on open-source projects, as I like doing this and giving back support…

Bug Bounty

2 min read


Jan 13

All about: Business Logic Bugs

بسم الله الرحمن الرحيم (In The Name of Allah Most Gracious Most Merciful) In this section, we’ll introduce the concept of business logic vulnerabilities and explain how they can arise due to flawed assumptions about user behavior. What are business logic vulnerabilities? Business logic vulnerabilities are flaws in the design and implementation of an application…

Bug Bounty

7 min read


Dec 9, 2022

All about: Single-Sign On (SSO)

Single sign-on (SSO) is a feature that allows users to access multiple services belonging to the same organization without logging in multiple times. Once you’ve logged into a website that uses SSO, you won’t have to enter your credentials again when accessing another service or resource belonging to the same…

Bug Bounty

8 min read


Nov 12, 2022

All about: Insecure Deserialization

Insecure deserialization vulnerabilities happen when applications deserialize program objects without proper precaution. An attacker can then manipulate serialized objects to change the program’s behavior. Mechanisms: Serialization is the process by which some bit of data in a programming language gets converted into a format that allows it to be saved in…

Bug Bounty Tips

13 min read


Sep 28, 2022

All about: IDORs

IDORs happen when users can **access resources that do not belong to them** by directly referencing the object ID, object number, or filename. Mechanisms: For example, let’s say that example.com is a social media site that allows you to chat with others. …

Idor

8 min read


Sep 19, 2022

All about: Path/Directory Traversal

In this section, we’ll explain what directory traversal is, describe how to carry out path traversal attacks and circumvent common obstacles and spell out how to prevent path traversal vulnerabilities. What is directory traversal? Directory traversal (also known as file path traversal) is a web security vulnerability that allows an attacker to read arbitrary…

Path Traversal

3 min read


Sep 15, 2022

All about: Open Redirects

Sites often use HTTP or URL parameters to redirect users to a specified URL without any user action. While this behavior can be useful, it can also cause open redirects, Mechanisms For example, when these users visit their account dashboards at https://example.com/dashboard, …

Open Redirect

7 min read

CS Student | Security Researcher ¯\_(ツ)_/¯
