PinnedManashinInfoSec Write-upsBypassing Amazon WAF to pop an alert()Hey everyone, its been a while since I published anything. This time, I’ll be sharing how I bypassed Amazon WAF to get XSS on the target…4 min read·Aug 29, 2022--3--3
ManashinInfoSec Write-upsHacking IPMI and Zabbix in HackTheBox — ShibbolethPort Scanning6 min read·Apr 27, 2022----
ManashinSystem WeaknessFrom file upload to command injection to AWS compromiseFile upload feature has a command injection vulnerability from which we get AWS credentials to access sensitive file in s3 bucket.2 min read·Apr 24, 2022----
ManashinInfoSec Write-upsHackTheBox — DevzatDevzat is a medium difficulty box in HackTheBox5 min read·Mar 15, 2022----
ManashinInfoSec Write-upsLumberjack Turtle — WriteupDifficulty: Medium Room Description: No logs, no crime… so says the lumberjack.3 min read·Feb 1, 2022----
ManashinInfoSec Write-upsExploiting Execute After Redirect (EAR) vulnerability in HTB PreviseExploiting Execute After Redirect for fun and profit??3 min read·Jan 10, 2022----
ManashStack based Buffer Overflows - PrerequisitesHello everyone, hope you all are doing great. I’m planning to write some blogs (you can call it a series of blogs) on Buffer Overflows. I…4 min read·Dec 10, 2021--1--1
ManashinInfoSec Write-upsZeno — THM Writeup (Abusing service file misconfigurations)Hello all, today we be doing Zeno from TryHackMe. It is rated Medium and the description says “Do you have the same patience as the great…5 min read·Oct 24, 2021----
ManashinInfoSec Write-upsIDE - TryHackMe WriteupHi all, today we will take on the IDE room in TryHackMe. It is rated Easy and the room description says: “An easy box to polish your…3 min read·Oct 22, 2021----
ManashinInfoSec Write-upsTryHackMe - Sweettooth Inc. (non port forward method)Hello everyone, this one is going to be the write-up for the Sweettooth Inc. room on TryHackMe. In this room, we’ll have to first…5 min read·Aug 2, 2021----