Abhishek Meena
Nov 24, 8 tweets, 4 min read
Account Takeover Methodology
#bugbounty #infosec

📌Thread🧵:👇
📌Chaining Session Hijacking with XSS
#bugbounty #Infosec

==
My Bugbounty Tips Group Link : 👇
t.me/bugbountyresou…
==

Thread🧵:👇
📌No Rate Limit On Login With Weak Password Policy

So if you find that the target has a weak password policy, also check whether login has no rate limit; in the PoC, demonstrate this by setting a very weak password on your own account and showing that unlimited guesses are allowed against it.

(May or may not be accepted)

Thread🧵:👇
📌Password Reset Poisoning Leads To Token Theft
#bugbounty #infosec
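As an added illustration of the token-theft risk named above (example code written for this page, not the thread author's): the reset-link builder that takes its host from request headers, beside the hardened builder that only ever uses a configured origin, plus the check a test suite or outbound-mail filter can apply. The origin `https://app.example`, the header values and the `reset_link_*` helper names are constructed for the example.

```python
# Added example (not from the thread): how a password-reset link gets poisoned
# when the application derives the link's host from request headers, beside
# the hardened builder that uses a configured origin.
import secrets
from urllib.parse import urlencode

# Assumed application setting: the only origin reset links may point to.
CANONICAL_ORIGIN = "https://app.example"  # constructed value


def make_reset_token() -> str:
    """Unguessable token; a real app stores only its hash, with an expiry."""
    return secrets.token_urlsafe(32)


def reset_link_vulnerable(headers: dict, token: str) -> str:
    """Builds the link from X-Forwarded-Host/Host. Whoever controls that
    header value controls where the victim's reset token is sent."""
    host = headers.get("X-Forwarded-Host") or headers.get("Host")
    return f"https://{host}/reset?{urlencode({'token': token})}"


def reset_link_hardened(headers: dict, token: str) -> str:
    """Ignores request-supplied host headers and uses the configured origin.
    The headers argument is kept only to show it is deliberately unused."""
    return f"{CANONICAL_ORIGIN}/reset?{urlencode({'token': token})}"


def link_host_is_canonical(link: str) -> bool:
    """Defensive check: every outgoing reset link must start with our origin."""
    return link.startswith(CANONICAL_ORIGIN + "/")


# Constructed request headers: a legitimate Host plus a forwarded-host
# override of the kind a reverse proxy may pass through unchecked.
POISONED_HEADERS = {"Host": "app.example", "X-Forwarded-Host": "untrusted.example"}

if __name__ == "__main__":
    tok = make_reset_token()
    print("vulnerable:", reset_link_vulnerable(POISONED_HEADERS, tok))
    print("hardened:  ", reset_link_hardened(POISONED_HEADERS, tok))
    print("canonical?:", link_host_is_canonical(reset_link_hardened(POISONED_HEADERS, tok)))
```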

Thread🧵:👇
📌Using Auth Bypass
#bugbounty #infosec

Thread🧵:👇
📌Try For CSRF On
#bugbounty #Infosec

1. Change password
2. Change email
3. Change security question

Thread🧵:👇
📌Token Leaks In Response
#bugbounty #infosec

Thread🧵:👇
Thanks For Reading This Amazing Thread 🧵On :
Account Takeover Methodology

Hope you ♥ Like These All

Follow me for more like👍 this

