Mahmoud YoussefExploiting Out-of-Band XXE in the WildHello all, I hope you’re fine! Our story today is about one of the most interesting bugs I found, actually, it’s my first time finding this…7 min read·Sep 6, 2022--2--2
Mahmoud YoussefAdmin account takeover via weird Password Reset FunctionalityHello all, I hope you’re fine! Our story today is a funny ATO I recently found it, so I decided to share it with you.5 min read·Jul 2, 2022--7--7
Mahmoud YoussefHow I managed to take over any account visits my profile with Stored XSSHello everybody, today we have a simple Stored XSS vulnerability that leads to stealing cookies and Taking over the account. Let’s start3 min read·May 15, 2022--2--2
Mahmoud YoussefinInfoSec Write-upsHow I Found multiple SQL Injection with FFUF and Sqlmap in a few minutesHello all, hope you’re OK. Our journey today is about how I found multiple SQL Injections in a bug bounty program in just a few minutes…4 min read·Dec 14, 2021--7--7
Mahmoud YoussefHow I Found multiple SQL Injection with FFUF and Sqlmap in a few minutesHello all, hope you’re OK. Our journey today is about how I found multiple SQL Injection in a BugBounty program in just few minutes with a…4 min read·Nov 6, 2021--13--13
Mahmoud YoussefCybertalents Quals : Saudi, Sudan, Egypt and Tunisia National CTF 2020 Write-UpCybertalents Quals Challenges Write-Up5 min read·Sep 20, 2020--1--1