Amazon cognito misconfiguration

Mohamed Lakhdar Metidji - Web Exploitation

Cloud Security

Web Security

Amazon Web Services

Security

In recent years, Amazon Web Services (AWS) has become a popular choice for businesses looking to host their web applications in the cloud. One of the most widely used AWS services is Amazon Cognito, a user authentication and identity management service....

Insecure direct object references (IDOR) vulnerability

Mohamed Lakhdar Metidji - web exploitation

web

attack

IDOR

vulnerability

Clients

Servers

Written by Mohamed Lakhdar Metidji What is Insecure Direct Object Reference ( IDOR ) ? Content for everyone ( pentesters/developers/non-...

Log4J Vulnerability, all you need to know

Touami Mohammed - Binary Exploitation

Binary Exploitation

Log4j

Cybersecurity

Attack

Hacking

Before looking at Log4j we first have to define what exactly is a vulnerability, in simple terms, a vulnerability is a weakness in a system that allows hackers to exploit it in order to deliver an attack...

Behind the scenes of CAPTCHA verification across different versions (Turning behavior into code)

Touami Mohammed - Web Exploitation

Web Exploitation

Cybersecurity

Whether you’re signing up for a new account, buying tickets to an upcoming football game or simply clicking a link that a friend sent you, you’ve most likely come across a section under the name “CAPTCHA Verification”...

External network mapping (Gathering the departure points)

Aymen Benmalek - Networking

Cybersecurity

Hacking

Google

Network

Web

Before we get started, we need to introduce some of the important terms that are often brought up when we are talking about penetration testing or bug bounty:...