P€nt€stM@nk€y
@pentestmonkey11.bsky.social
Local File Inclusion (LFI) vulnerability due to unvalidated user input. This analysis is based on a Patchstack CTF exercise concerning a WordPress instance.
medium.com/@kr.sulabhja...
#ctf #cybersecutity #wordpress
medium.com/@kr.sulabhja...
#ctf #cybersecutity #wordpress
Local File Inclusion (LFI) Due to Untrusted User Input
From analysing a WordPress plugin and exploiting it to get the flag.
medium.com
May 27, 2025 at 2:00 PM
Local File Inclusion (LFI) vulnerability due to unvalidated user input. This analysis is based on a Patchstack CTF exercise concerning a WordPress instance.
medium.com/@kr.sulabhja...
#ctf #cybersecutity #wordpress
medium.com/@kr.sulabhja...
#ctf #cybersecutity #wordpress
Let's explore the chaining of Unauthorized User Registration, Broken Access Control, and Insecure CSRF Token Exposure vulnerabilities within WordPress, leveraging the Semgrep tool for vulnerability discovery.
Here is my write-up on the same:
medium.com/@kr.sulabhja...
#cybersecurity #wordpress
Here is my write-up on the same:
medium.com/@kr.sulabhja...
#cybersecurity #wordpress
Chaining Unauthorized User Registration, Broken Access Control, and Insecure CSRF Token Exposure to…
From analysing a WordPress plugin and exploiting it to get the flag.
medium.com
May 26, 2025 at 10:50 AM
Let's explore the chaining of Unauthorized User Registration, Broken Access Control, and Insecure CSRF Token Exposure vulnerabilities within WordPress, leveraging the Semgrep tool for vulnerability discovery.
Here is my write-up on the same:
medium.com/@kr.sulabhja...
#cybersecurity #wordpress
Here is my write-up on the same:
medium.com/@kr.sulabhja...
#cybersecurity #wordpress
Here is my writeup on how a classic JWT confusion vulnerability lead to vertical privilege escalation. This is caused due to improper token handling ....
medium.com/@kr.sulabhja...
#CTF #WordPressSecurity #SAST #JWT #Infosec #PrivilegeEscalation #AppSec #cybersecurity
medium.com/@kr.sulabhja...
#CTF #WordPressSecurity #SAST #JWT #Infosec #PrivilegeEscalation #AppSec #cybersecurity
Patchstack Alliance CTF S02E02 — Road to WordCamp Europe
From analysing a WordPress plugin and exploiting it to get the flag.
medium.com
May 21, 2025 at 7:28 AM
Here is my writeup on how a classic JWT confusion vulnerability lead to vertical privilege escalation. This is caused due to improper token handling ....
medium.com/@kr.sulabhja...
#CTF #WordPressSecurity #SAST #JWT #Infosec #PrivilegeEscalation #AppSec #cybersecurity
medium.com/@kr.sulabhja...
#CTF #WordPressSecurity #SAST #JWT #Infosec #PrivilegeEscalation #AppSec #cybersecurity
Here is my first CTF write-up on wordpress pentesting.
medium.com/@kr.sulabhja...
#cybersecurity #pentesting #SAST #wordpress
medium.com/@kr.sulabhja...
#cybersecurity #pentesting #SAST #wordpress
Patchstack Alliance CTF S02E02 — Road to WordCamp Europe
From analyzing a WordPress plugin and exploiting it to get the flag
medium.com
May 19, 2025 at 3:07 PM
Here is my first CTF write-up on wordpress pentesting.
medium.com/@kr.sulabhja...
#cybersecurity #pentesting #SAST #wordpress
medium.com/@kr.sulabhja...
#cybersecurity #pentesting #SAST #wordpress
🚨 Security Alert: P1 Vulnerability Identified 🚨
Discovered a critical (P1) vulnerability in a DS Group asset. Kudos to their security team for the swift response!
#CyberSecurity #Infosec #Hacking #EthicalHacking #BugBounty #InformationSecurity #Security #Tech
Discovered a critical (P1) vulnerability in a DS Group asset. Kudos to their security team for the swift response!
#CyberSecurity #Infosec #Hacking #EthicalHacking #BugBounty #InformationSecurity #Security #Tech
April 25, 2025 at 6:35 PM
🚨 Security Alert: P1 Vulnerability Identified 🚨
Discovered a critical (P1) vulnerability in a DS Group asset. Kudos to their security team for the swift response!
#CyberSecurity #Infosec #Hacking #EthicalHacking #BugBounty #InformationSecurity #Security #Tech
Discovered a critical (P1) vulnerability in a DS Group asset. Kudos to their security team for the swift response!
#CyberSecurity #Infosec #Hacking #EthicalHacking #BugBounty #InformationSecurity #Security #Tech