A predictable admin access token writeup from BugForge Labs. The token looked random at first glance, but comparing it across two accounts revealed a fixed prefix and a brute-forceable 3-character suffix - this is the full process from spotting the cookie to getting the flag.
A UNION-based SQL injection writeup from BugForge Labs. The login page looked safe, but a product endpoint wasn't - this is the full process from finding the injection to dumping the users table and getting the flag.
JWTs are everywhere and so are their misconfigurations. This writeup covers every major JWT attack a pentester needs to know, explained simply with real exploitation steps.
I always forget this. Every single time I start a new box or clone a tool from GitHub, I end up Googling the same stuff again. So I’m writing this down for myself, and for anyone who keeps doing t...
Disclaimer This writeup is for education purpose only. The University target has been anonymized and no data was leaked. This is the story of everything about my first hack, which I discovered tw...