Blog Posts
-
Chaining Method Override and CSRF Vulnerabilities for Account Takeover
As a security researcher, uncovering vulnerabilities that could potentially lead to severe security breaches is both challenging and rewarding. In this post, I will discuss a fascinating case involving method override and Cross-Site Request Forgery (CSRF) vulnerabilities, which could lead to an account takeover. Please note…
-
Attacking weak password reset implementation
In this blog post, I detail how I uncovered a critical vulnerability in a popular online service’s password reset feature. Due to poor password reset implementation practices, I was able to gain unauthorized access to user accounts. In this research, I will lay out the thought process from a hacker’s perspective to achieve an account…