Mahmoud YoussefExploiting Out-of-Band XXE in the WildHello all, I hope you’re fine! Our story today is about one of the most interesting bugs I found, actually, it’s my first time finding this…Sep 6, 20222Sep 6, 20222
Mahmoud YoussefAdmin account takeover via weird Password Reset FunctionalityHello all, I hope you’re fine! Our story today is a funny ATO I recently found it, so I decided to share it with you.Jul 2, 20227Jul 2, 20227
Mahmoud YoussefHow I managed to take over any account visits my profile with Stored XSSHello everybody, today we have a simple Stored XSS vulnerability that leads to stealing cookies and Taking over the account. Let’s startMay 15, 20222May 15, 20222
Mahmoud YoussefinInfoSec Write-upsHow I Found multiple SQL Injection with FFUF and Sqlmap in a few minutesHello all, hope you’re OK. Our journey today is about how I found multiple SQL Injections in a bug bounty program in just a few minutes…Dec 14, 20217Dec 14, 20217
Mahmoud YoussefHow I Found multiple SQL Injection with FFUF and Sqlmap in a few minutesHello all, hope you’re OK. Our journey today is about how I found multiple SQL Injection in a BugBounty program in just few minutes with a…Nov 6, 202114Nov 6, 202114
Mahmoud YoussefCybertalents Quals : Saudi, Sudan, Egypt and Tunisia National CTF 2020 Write-UpCybertalents Quals Challenges Write-UpSep 20, 20201Sep 20, 20201