← Find more feeds

infosecwriteups.com

InfoSec Write-ups - Medium

Get the latest updates from InfoSec Write-ups - Medium directly as they happen.

Follow now 70 followers

Latest posts

Last updated about 8 hours ago

Auth Mastery Part 1: Credential Types curl Handles

about 8 hours ago

The server tells you exactly which auth scheme it wants. Most people...

Read full

How Hackers Are Manipulating AI Using Prompt Injection

about 8 hours ago

Before We Begin Let’s Understand What Even Is AI?Continue reading on InfoSec...

Read full

Finding & Exploiting Exposed Google API Keys for Bug $Bounties

about 9 hours ago

Turn exposed Google API keys into real-world impact by accessing Gemini and...

Read full

SSRF in APIs: How a Single URL Parameter Can Expose Internal Systems

1 day ago

A single misconfigured URL parameter can allow an attacker to abuse server-side...

Read full

Dev Diaries TryHackMe Walkthrough

2 days ago

Dev Diaries — TryHackMe WalkthroughDev DiariesTask 1. ChallengeThe room starts with a...

Read full

The Loud Failure: How a Broken WebSocket Leaked a Master Key to the Backend

2 days ago

In bug bounty hunting, we often spend a lot of time looking...

Read full

Can Pure Modbus Break a Reactor? Oldsmar, Stuxnet & FrostyGoop, Tested

2 days ago

You can speak Modbus to a chemical reactor as freely as its...

Read full

Poster TryHackMe Walkthrough | PostgreSQL Exploitation & Privilege Escalation

3 days ago

Poster — TryHackMe WalkthroughPosterIntroductionIn this walkthrough, I solved the Poster room from...

Read full

Recon Isn’t Just Technical — It’s Psychological

3 days ago

Hey there!😁Continue reading on InfoSec Write-ups »

Read full

“Bug Bounty Bootcamp #38: SSRF Chaining — Bypassing Domain Whitelists with Open Redirects and PDF…

3 days ago

You found an SSRF, but the server only allows URLs from trusted.com...

Read full

How Malware Hides Inside ZIP Files & Why Most Defenses Still Miss It

3 days ago

The other day I was reading an article about zip files as...

Read full

Bug Bounty Bootcamp #37: SSRF in PDFs, Screenshots, and Bypassing Localhost Filters

4 days ago

You found a PDF generator that fetches URLs. The developer blocked localhost...

Read full

Or log in

Everything you care about in one place

InfoSec Write-ups - Medium

Latest posts

Auth Mastery Part 1: Credential Types curl Handles

How Hackers Are Manipulating AI Using Prompt Injection

Finding & Exploiting Exposed Google API Keys for Bug $Bounties

SSRF in APIs: How a Single URL Parameter Can Expose Internal Systems

Dev Diaries TryHackMe Walkthrough

The Loud Failure: How a Broken WebSocket Leaked a Master Key to the Backend

Can Pure Modbus Break a Reactor? Oldsmar, Stuxnet & FrostyGoop, Tested

Poster TryHackMe Walkthrough | PostgreSQL Exploitation & Privilege Escalation

Recon Isn’t Just Technical — It’s Psychological

“Bug Bounty Bootcamp #38: SSRF Chaining — Bypassing Domain Whitelists with Open Redirects and PDF…

How Malware Hides Inside ZIP Files & Why Most Defenses Still Miss It

Bug Bounty Bootcamp #37: SSRF in PDFs, Screenshots, and Bypassing Localhost Filters

Try Feeder for free