Cyber Security Research Blogs - Page 12 Of 25 - Blog On Advance InfoSec Concepts

CVE-2024-23897 – Jenkins Arbitrary File Read Vulnerability

All Blog 4th March 202523rd April 2025 ritik_t

Vendor Description:- Jenkins is a self-contained, open source automation server which can be used to automate all sorts of tasks related to building, testing, andContinue readingCVE-2024-23897 – Jenkins Arbitrary File Read Vulnerability

Cups-browsed daemon exploitation – CVE-2024-47176

All Blog 17th February 202523rd April 2025 ritik_t

Vendor Description:- CUPS is a standards-based, open-source printing system used by Apple’s Mac OS® and other UNIX®-likeoperating systems, especially also Linux. CUPS uses the InternetContinue readingCups-browsed daemon exploitation – CVE-2024-47176

CVE-2024-38856: Critical RCE Vulnerability in Apache OFBiz

All Blog 17th February 202523rd April 2025 ritik_t

Vulnerable Version Apache OFBiz<=18.12.14 Fixed Version Apache OFBiz 18.12.16 Base Score 9.8 Critical Vendor Description Apache OFBiz is an open-source ERP framework. It supports aContinue readingCVE-2024-38856: Critical RCE Vulnerability in Apache OFBiz

PHP Insecure Deserialization vulnerabilities

All Blog 15th May 202417th February 2025 ritik_t

In this blog, we will discuss PHP insecure deserialization vulnerabilities and their prevention. The deserialization vulnerability in PHP is also known as PHP Object Injection.Continue readingPHP Insecure Deserialization vulnerabilities

Node JS deserialization exploitation

All Blog 15th May 202415th May 2024 ritik_t

In this blog, we briefly explore Node JS deserialization Exploitation. The process typically involves crafting a malicious payload that, when deserialized by the application, triggersContinue readingNode JS deserialization exploitation

Insecure Deserialization foundations

All Blog 13th May 202413th May 2024 ritik_t

In the world of web applications, data exchange is paramount. Often, complex objects containing user information or application state need to be transmitted and storedContinue readingInsecure Deserialization foundations

Insecure deserialization exploitation in Java

All Blog 11th May 202415th May 2024 ritik_t

In our Blog, we have discussed the foundations of insecure deserialization. Now in this Blog, we’ll take a glance at multiple insecure deserialization exploitation inContinue readingInsecure deserialization exploitation in Java

Install and configure Nginx Proxy Manager Like a Pro

All Blog 11th May 202416th May 2024 ritik_t

NGINX Proxy Manager The Nginx Proxy Manager offers a convenient tool for managing proxy hosting. The proxymanager makes it relatively easy to forward traffic toContinue readingInstall and configure Nginx Proxy Manager Like a Pro

iOS Pentesting Lab Setup with Palera1n

All Blog 8th October 20238th October 2023 blog_h4ck

Dear Awesome Hackers, Let’s deep dive into the iOS pentesting lab setup with Palera1n Let’s deep dive into the iOS pentesting lab setup with Palera1nContinue readingiOS Pentesting Lab Setup with Palera1n

WebSockets Pentesting -Everything You Need To Know About

All Blog 4th July 202323rd April 2025 Sahil

In this blog, I will be covering the deep internals of WebSocket communication and WebSockets pentesting essentials for every hacker. WebSockets are a bi-directional, fullContinue readingWebSockets Pentesting -Everything You Need To Know About