Asfiya $ha!khClient-side Encryption & Server-side Encryption Best PracticesHello pentesting superstars, i am here again with my blog, lets continue spreading knowledge about cyber security & best practices.Apr 29, 2021Apr 29, 2021
Asfiya $ha!khCross Site Request Forgery (CSRF)Over the period of my infosec journey, i have collated some great reads that can make you a CSRF Pro.Let me share the same with you all.Jan 23, 20202Jan 23, 20202
Asfiya $ha!khWeb Services & API Pentesting-Part 2Hello pentesting rockstars, hope you have skimmed through the part-1 of this blog series.Jun 12, 2019Jun 12, 2019
Asfiya $ha!khWeb Services & API Pentesting-Part 1Hey Pentester, I am back with my series of blogs.May 7, 20192May 7, 20192
Asfiya $ha!khPipe Vulnhub-CTF Walkthrough ( Insecure Deserialization in PHP)Hello Pentester, in this blog we will try to solve pipe CTF challenge.Pipe is a vulnerable machine posted on vulnhub which can be found…May 1, 20191May 1, 20191
Asfiya $ha!khXML InjectionHello Pentester, this blog will walk you through how the XML injections are performed and remediated.Apr 27, 20191Apr 27, 20191
Asfiya $ha!khWindows PrivEsc: Weak Service PermissionPresuming we have got a low privileged shell of victim machine, trailing content will walk you through how can we find and exploit one of…Apr 27, 20191Apr 27, 20191
Asfiya $ha!khWindows Privilege Escalation using sudo su?If you have ever used linux, then probably you are aware of sudo command.This command basically let us run a command as different…Apr 27, 2019Apr 27, 2019