Am I Late to The Party?….. Phew! There’s a lot I have to share, but don’t know where to start from exactly. Aside from the fact that most of my security research, findings and side quests have been...

How to Use @expo/ngrok and --tunnel Mode to Run React Native on a Physical Device (Even If Your Phone Is the Hotspot) So, you just kicked off a React Native project with Expo, and now you want to ...

Building a Secure CI/CD Pipeline for a Python App: From Code to Render Deployment Modern web development isn’t just about building cool apps, it’s about building secure, automated, and production-...

Introduction 🧰 Tools: Frida, apk-mitm, Objection, Genymotion 📱 Target App: (Redacted) Mobile app developers often implement root/jailbreak and emulator detection to protect sensitive data, prevent...

Exploiting Insecure Design Hello Hacker! Welcome to another BreakTheFlask Session. This should be the last vulnerable code for this specific session. Today, we will be exploiting and explaining th...

Disclaimer!: This blog was made for educational and research purposes ONLY. No harm intended towards the original product or user. Install at your own risk!. Installing Burpsuite pro — Cracked Edi...

HACKING A BANK API Ghost St Badmus, a cracked Snr. Application Security Engineer developed a vulnerable Web Application, API and Mobile Application for Pentesters, Bug Bounty Hunters and Security ...

Injection Vulnerability Hey there, fellow hacker! This write-up walks you through exploiting real-world injection flaws in a purposefully vulnerable Flask app. We’re going deep into SQLi, XSS, Com...

Cryptographic Failure Vulnerability Welcome to the Crypto Failures Lab — a playground intentionally riddled with practical, real-world cryptographic vulnerabilities. If you’re a seasoned security ...

Explaining and Exploiting Broken Access Control Vulnerability Using the vulnerable flask code from ==> https://github.com/DghostNinja/BreakTheFlask.git from flask import Flask, request, redire...