🔐 Exposing a Critical JWT Vulnerability: Secrets in the Payload?!
Introduction JSON Web Tokens (JWTs) are a common way for web applications to handle authentication. When implemented correctly, t...
From Lack of email verification to Admin account, How I got access to the admin account of a gateway portal
Recently, I was getting rusty and bored, so I started looking for companies that had responsible disclosure programs to hack on, and then I discovered this leading company that deals with HR tools...
A new way of discovering APKs
Have you ever wanted to conduct a test (static analysis) on a mobile application but can’t seem to find the APK file online? Well, this happened to me today. I hopped on a new web3 program and w...
BOLA vulnerability in crAPI
Introduction In this article, we are going to be looking at the BOLA vulnerability, which is short for Broken Object Level Authorization. It is a type of vulnerability that affects API applicati...
Setting Up Your API Hacking Home Lab
Introduction In this article, I’m going to be showing you how you can set up your API (Application Programming Interface) hacking home lab to practice API hacking and uncovering vulnerabilities ...
Introduction To API Hacking
Applications (both web and mobile) nowadays have to use a lot of resources in their operations. Application Programming Interfaces (APIs) are used to call on the resources that an application needs to...
A Primer On Social Engineering
Have you ever heard of the term social engineering? You might think of it as a way of improving society? Well, no. Social engineering is not that at all; it is commonly known as “human hacking...