Pinned | Khaleel Khan in T3CH | Full Account Takeover via Password Reset Link Manipulation | Introduction In 2021, while exploring the diverse landscape of cybersecurity vulnerabilities reported by the bug bounty community, I came… | Feb 1
Pinned | Khaleel Khan in System Weakness | Using Shodan to Find and Exploit FTP Servers with Anonymous Access: A Step-by-Step Guide | This tutorial will walk you through a simple yet effective method to identify FTP servers that allow anonymous access. Anonymous FTP access… | Jun 12
Pinned | Khaleel Khan | Top 3 Essential Tools for Directory and File Enumeration in Penetration Testing | In the dynamic world of cybersecurity, bug hunting, and penetration testing are crucial for identifying and mitigating vulnerabilities. An… | Jan 2
Khaleel Khan in System Weakness | A Deep Dive into Nmap Scripts for Web Application Testing | A Step-by-Step Guide to Leveraging Nmap’s Most Advanced Scripts for Comprehensive Web Application Security Analysis | Nov 13
Khaleel Khan in System Weakness | Beware of the Malicious Python Package ‘fabrice’: How Typosquatting is Stealing AWS Credentials | Understanding how a malicious PyPI package targeted unsuspecting developers to exfiltrate AWS credentials and establish backdoors on Linux… | Nov 10
Khaleel Khan | CVE-2023-32191: Why You Need to Patch Your Rancher Kubernetes Engine (RKE) NOW to Avoid… | A new vulnerability appears with a CVSS score of 10, it’s a five-alarm fire for IT and security teams. This is the case with… | Nov 9
Khaleel Khan | Why I Shifted My Blogs from Medium to Ghost CMS on DigitalOcean for TheShaco.com | I enjoyed publishing my content on Medium, a platform known for its simplicity and community-driven audience. However, as my blogging… | Oct 22
Khaleel Khan | Unlocking Hidden Vulnerabilities: How to Automate Your Bug Bounty Game with GitHub Actions | Take Your Bug Hunting to the Next Level with Advanced Automation Techniques Using GitHub Actions — Streamline Scanning, Discover… | Oct 8
Khaleel Khan | cURL for API Testing & Automation: Advanced Commands for Penetration Testers and Developers | APIs (Application Programming Interfaces) have become a crucial part of modern web applications. With increased usage, they’ve also become… | Oct 7