Khaleel Khan – Medium

Khaleel Khan

Pinned

Khaleel Khan
in
T3CH

Full Account Takeover via Password Reset Link Manipulation

Introduction In 2021, while exploring the diverse landscape of cybersecurity vulnerabilities reported by the bug bounty community, I came…

Feb 1

Full Account Takeover via Password Reset Link Manipulation

Feb 1

Pinned

Khaleel Khan
in
System Weakness

Using Shodan to Find and Exploit FTP Servers with Anonymous Access: A Step-by-Step Guide

This tutorial will walk you through a simple yet effective method to identify FTP servers that allow anonymous access. Anonymous FTP access…

Jun 12

Using Shodan to Find and Exploit FTP Servers with Anonymous Access: A Step-by-Step Guide

Jun 12

Pinned

Khaleel Khan

Top 3 Essential Tools for Directory and File Enumeration in Penetration Testing

In the dynamic world of cybersecurity, bug hunting, and penetration testing are crucial for identifying and mitigating vulnerabilities. An…

Jan 2

Top 3 Essential Tools for Directory and File Enumeration in Penetration Testing

Jan 2

Pinned

Khaleel Khan

NEWSTIDES — WAVE OF CHANGE

May 3, 2021

NEWSTIDES — WAVE OF CHANGE

May 3, 2021

Khaleel Khan
in
System Weakness

A Deep Dive into Nmap Scripts for Web Application Testing

A Step-by-Step Guide to Leveraging Nmap’s Most Advanced Scripts for Comprehensive Web Application Security Analysis

Nov 13

A Deep Dive into Nmap Scripts for Web Application Testing

Nov 13

Khaleel Khan
in
System Weakness

Beware of the Malicious Python Package ‘fabrice’: How Typosquatting is Stealing AWS Credentials

Understanding how a malicious PyPI package targeted unsuspecting developers to exfiltrate AWS credentials and establish backdoors on Linux…

Nov 10

Beware of the Malicious Python Package ‘fabrice’: How Typosquatting is Stealing AWS Credentials

Nov 10

Khaleel Khan

CVE-2023–32191: Why You Need to Patch Your Rancher Kubernetes Engine (RKE) NOW to Avoid…

A new vulnerability appears with a CVSS score of 10, it’s a five-alarm fire for IT and security teams. This is the case with…

Nov 9

CVE-2023–32191: Why You Need to Patch Your Rancher Kubernetes Engine (RKE) NOW to Avoid…

Nov 9

Khaleel Khan

Why I Shifted My Blogs from Medium to Ghost CMS on DigitalOcean for TheShaco.com

I enjoyed publishing my content on Medium, a platform known for its simplicity and community-driven audience. However, as my blogging…

Oct 22

Why I Shifted My Blogs from Medium to Ghost CMS on DigitalOcean for TheShaco.com

Oct 22

Khaleel Khan

Unlocking Hidden Vulnerabilities: How to Automate Your Bug Bounty Game with GitHub Actions

Take Your Bug Hunting to the Next Level with Advanced Automation Techniques Using GitHub Actions — Streamline Scanning, Discover…

Oct 8

Unlocking Hidden Vulnerabilities: How to Automate Your Bug Bounty Game with GitHub Actions

Oct 8

Khaleel Khan

cURL for API Testing & Automation: Advanced Commands for Penetration Testers and Developers

APIs (Application Programming Interfaces) have become a crucial part of modern web applications. With increased usage, they’ve also become…

Oct 7

cURL for API Testing & Automation: Advanced Commands for Penetration Testers and Developers

Oct 7

Khaleel Khan

Khaleel Khan

Cybersecurity researcher with 18 years experience in state government, corporate sectors, and bug hunting enthusiast.

Following

Help
Status
About
Careers
Press
Blog
Privacy
Terms
Text to speech
Teams