web app testing - Infosec Consultant & Pentester

Oct 27, 2023 vulnerabilities web app testing

ChargePlace Scotland IDOR

Having recently entered the world of EV cars, I needed to get myself an account with ChargePlace Scotland whilst I awaited the installation of my

File Upload to Remote Code Execution

Apr 14, 2020 web app testing walkthrough reverse-shell RCE

File Upload to Remote Code Execution

In this post, I will walk you through a real life example of how I was able to compromise a web application and achieve remote

Bugbounty Tips - Zseano Live Mentoring Series - XSS

Jul 1, 2019 web app testing Bug Bounty XSS zseano

Bugbounty Tips - Zseano Live Mentoring Series - XSS

Over the weekend I participated in @zseanos live stream bug bounty mentoring session in which he created an application for viewers to hack live and

Reflected XSS on driver.grab.com

Jun 20, 2019 web app testing enumeration techniques Bug Bounty

Reflected XSS on driver.grab.com

Thought I would do a quick write up of a small bug that I found late last year (2018). Unfortunately, the bug was considered out

Web Application Vulnerabilities 101 - Directory Traversal

Apr 16, 2018 OWASP web app testing

Web Application Vulnerabilities 101 - Directory Traversal

Directory traversal aims to access files and directories that are stored outside the web root folder. By manipulating variables that reference files with “dot-dot-slash (../)” sequences