Asfiya $ha!khClient-side Encryption & Server-side Encryption Best PracticesHello pentesting superstars, i am here again with my blog, lets continue spreading knowledge about cyber security & best practices.2 min read·Apr 29, 2021----
Asfiya $ha!khCross Site Request Forgery (CSRF)Over the period of my infosec journey, i have collated some great reads that can make you a CSRF Pro.Let me share the same with you all.7 min read·Jan 23, 2020--1--1
Asfiya $ha!khWeb Services & API Pentesting-Part 2Hello pentesting rockstars, hope you have skimmed through the part-1 of this blog series.5 min read·Jun 12, 2019----
Asfiya $ha!khWeb Services & API Pentesting-Part 1Hey Pentester, I am back with my series of blogs.5 min read·May 7, 2019--2--2
Asfiya $ha!khPipe Vulnhub-CTF Walkthrough ( Insecure Deserialization in PHP)Hello Pentester, in this blog we will try to solve pipe CTF challenge.Pipe is a vulnerable machine posted on vulnhub which can be found…5 min read·May 1, 2019--1--1
Asfiya $ha!khXML InjectionHello Pentester, this blog will walk you through how the XML injections are performed and remediated.3 min read·Apr 27, 2019--1--1
Asfiya $ha!khWindows PrivEsc: Weak Service PermissionPresuming we have got a low privileged shell of victim machine, trailing content will walk you through how can we find and exploit one of…5 min read·Apr 27, 2019--1--1
Asfiya $ha!khWindows Privilege Escalation using sudo su?If you have ever used linux, then probably you are aware of sudo command.This command basically let us run a command as different…4 min read·Apr 27, 2019----