SSRF Bypass Payload Arsenal
These help bypass SSRF filters or reach internal services despite basic protections. Common SSRF Filters You Might Face Allowlist/Blacklist of domain or IP url.startsWith("http://") or regex ...
B2B apps Target: SaaS platforms for companies, like: Project management (e.g., Asana, Jira) CRMs (e.g., Salesforce, Zoho) ...
What We’re Targeting These are cases where: A CSRF token is present but flawed Cookies are misconfigured (SameSite, Secure, etc.) Referer / Origin headers are relied on—but can be bypassed...
A. CSRF via CORS Misconfig + Token Leakage If any api.example.com endpoint has: Access-Control-Allow-Origin: * (or reflects attacker origin) And cookies are still sent (Access-Control-Allow...
1. State-Changing Endpoints Look for actions that change data or account settings, not just fetch data. Feature Example Endpoint Change email /acc...
Fellow Raiders b3ludan, soura While exploring a program’s Container Registry, we found a simple yet impactful flaw: A read-only token could delete a Docker image — something that shouldn’t happen...
🙏 A Big Shoutout to the Mentors and Fellow Raiders Before I dive into the story, I want to take a moment to acknowledge the amazing people who helped shape my journey: Mentors: Shreyansh, XXSRA...
The enumeration phase involved scanning for open ports and directories using tools like nmap and gobuster, revealing SSH and HTTP services. Further exploration uncovered a cipher that, when decrypt...
The penetration test began with an nmap scan, which revealed that ports 22 (SSH) and 65530 were open. Further enumeration using Gobuster on port 65530 led to the discovery of the nt4share directory....
In the enumeration phase, an FTP server with anonymous login was discovered. Upon further investigation, a key was found and successfully decrypted, revealing subdirectories and a logo. Decrypting ...